Filtered by vendor Checkpoint
Subscriptions
Filtered by product Firewall-1
Subscriptions
Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0779 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests. | ||||
| CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | ||||
| CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | ||||
| CVE-2000-0809 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service. | ||||
| CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | ||||
| CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | ||||
| CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | ||||
| CVE-2004-0040 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2025-04-03 | N/A |
| Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. | ||||
| CVE-2004-0699 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2025-04-03 | N/A |
| Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. | ||||
| CVE-2006-3885 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. | ||||
| CVE-1999-0675 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host. | ||||
| CVE-1999-0895 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Firewall-1 does not properly restrict access to LDAP attributes. | ||||
| CVE-1999-1204 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator. | ||||
| CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | ||||
| CVE-2001-0082 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. | ||||
| CVE-2000-0150 | 2 Checkpoint, Cisco | 2 Firewall-1, Pix Firewall Software | 2025-04-03 | N/A |
| Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | ||||
| CVE-2000-0181 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection. | ||||
| CVE-2000-0482 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets. | ||||
| CVE-2000-0582 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy. | ||||
| CVE-2000-0116 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. | ||||