We've tried to reproduce the attack on all VPN-1 versions from NG FP2 and above with and without HFAs. NOTE: the vendor has disputed this issue, stating 'Check Point Security Alert Team has analyzed this report.

10.0 | None | Remote | Low | Not required | Complete | Complete | Complete

7.1 | None | Remote | Medium | Not required | None | None | Complete
Multiple unspecified vulnerabilities in Check Point Security Gateway R75.40VS, R75.45, R75.46, R75.47, R76, R77, and R77.10, when the (1) IPS blade, (2) IPsec Remote Access, (3) Mobile Access / SSL VPN blade, (4) SSL Network Extender, (5) Identity Awareness blade, (6) HTTPS Inspection, (7) UserCheck, or (8) Data Leak Prevention blade module is enabled, allow remote attackers to cause a denial of service ('stability issue') via an unspecified 'traffic condition.'

5.4 | None | Local Network | Medium | Not required | Partial | Partial | Partial
The OSPF implementation in Check Point Gaia OS R75.X and R76 and IPSO OS 6.2 R75.X and R76 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

6 | DoS Exec Code Overflow.