Filtered by vendor Checkpoint Subscriptions
Filtered by product Firewall-1 Subscriptions
Total 43 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2000-1201 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
CVE-2000-1037 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
CVE-2000-1032 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall.
CVE-2000-0808 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
CVE-2000-0806 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."
CVE-2000-0809 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service.
CVE-2000-0805 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
CVE-2000-0807 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
CVE-2000-0804 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
CVE-2000-0813 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."
CVE-2000-0779 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
CVE-2000-0582 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.
CVE-2000-0482 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets.
CVE-2000-0181 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection.
CVE-2000-0150 2 Checkpoint, Cisco 2 Firewall-1, Pix Firewall Software 2024-08-08 N/A
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
CVE-2000-0116 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
CVE-2001-1431 2 Checkpoint, Nokia 3 Firewall-1, Vpn-1, Firewall Appliance 2024-08-08 N/A
Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information.
CVE-2001-1303 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication.
CVE-2001-1171 1 Checkpoint 1 Firewall-1 2024-08-08 N/A
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.
CVE-2001-1176 1 Checkpoint 3 Firewall-1, Provider-1, Vpn-1 2024-08-08 N/A
Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.