Check Point Firewall-1 Session Agent Dictionary Attack Vulnerability
BID:1662
Info
Check Point Firewall-1 Session Agent Dictionary Attack Vulnerability
| Bugtraq ID: | 1662 |
| Class: | Design Error |
| CVE: |
CVE-2000-1037 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 15 2000 12:00AM |
| Updated: | Jul 11 2009 02:56AM |
| Credit: | This vulnerability was posted to the Bugtraq mailing list on August 15, 2000 by gregory duchemin <[email protected]> |
| Vulnerable: |
Check Point Software Firewall-1 4.1 Check Point Software Firewall-1 4.0 Check Point Software Firewall-1 3.0 |
| Not Vulnerable: | |
Discussion
Exploit / POC
Check Point Firewall-1 Session Agent Dictionary Attack Vulnerability
Nelson Brito<[email protected] || [email protected]> provided brute-fw1-agent.pl exploit.
Gregory Duchemin <[email protected]> submitted fwsa.sh exploit.
Nelson Brito<[email protected] || [email protected]> provided brute-fw1-agent.pl exploit.
Gregory Duchemin <[email protected]> submitted fwsa.sh exploit.
Solution / Fix
Check Point Firewall-1 Session Agent Dictionary Attack Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Check Point Firewall-1 Session Agent Dictionary Attack Vulnerability
References:
References:
- Check Point Technical Support (Check Point Software)
- FireWall-1 Product Homepage (Check Point Software)
- Potential Security Issues Recently Identified in FireWall-1 (Check Point Software)