var-200102-0084
Vulnerability from variot
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. Check Point of VPN-1 and FireWall-1 Product supports "Fast Mode" The option contains a vulnerability that could allow access to restricted services by bypassing access control.The service of the host whose communication is blocked by the firewall may be accessed. Firewall-1 is prone to a security bypass vulnerability. Fast Mode is a setting that turns off analysis of packets in tcp sessions after the TCP 3-way handshake has completed for speed-crtitical services. It is also reportedly possible to access hosts at least one hop away on the same interface as the target host being protected. In order for this to be possible, at least one TCP service on a host protected by the firewall must be accessible by the attacker to which a SYN can be sent legitimately. The vulnerability is due to a failure to handle malformed fragmented TCP segments. Check Point Software contacted SecurityFocus with an update regarding this issue. Check the solutions section for the update. Fastmode's valid version of Check Point VPN-1/FireWall-1 4.1 SP2 is vulnerable. A remote attacker can cause a denial of service by means of an extremely long URL request to the web management interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200102-0084",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "4.1"
},
{
"model": "vpn-1/firewall-1",
"scope": "lte",
"trust": 0.8,
"vendor": "check point",
"version": "4.0sp7"
},
{
"model": "vpn-1/firewall-1",
"scope": "lte",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp2"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.6,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
}
],
"sources": [
{
"db": "BID",
"id": "88537"
},
{
"db": "BID",
"id": "2143"
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "88537"
}
],
"trust": 0.3
},
"cve": "CVE-2001-0082",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0082",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-2904",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0082",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2001-0082",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200102-007",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-2904",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2904"
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. Check Point of VPN-1 and FireWall-1 Product supports \"Fast Mode\" The option contains a vulnerability that could allow access to restricted services by bypassing access control.The service of the host whose communication is blocked by the firewall may be accessed. Firewall-1 is prone to a security bypass vulnerability. Fast Mode is a setting that turns off analysis of packets in tcp sessions after the TCP 3-way handshake has completed for speed-crtitical services. It is also reportedly possible to access hosts at least one hop away on the same interface as the target host being protected. \nIn order for this to be possible, at least one TCP service on a host protected by the firewall must be accessible by the attacker to which a SYN can be sent legitimately. The vulnerability is due to a failure to handle malformed fragmented TCP segments. \nCheck Point Software contacted SecurityFocus with an update regarding this issue. Check the solutions section for the update. Fastmode\u0027s valid version of Check Point VPN-1/FireWall-1 4.1 SP2 is vulnerable. A remote attacker can cause a denial of service by means of an extremely long URL request to the web management interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0082"
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"db": "BID",
"id": "88537"
},
{
"db": "BID",
"id": "2143"
},
{
"db": "VULHUB",
"id": "VHN-2904"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-2904",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2904"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2001-0082",
"trust": 2.8
},
{
"db": "BID",
"id": "2143",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200102-007",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20001218 FIREWALL-1 FASTMODE VULNERABILITY",
"trust": 0.6
},
{
"db": "BID",
"id": "88537",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "20519",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-74392",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-2904",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2904"
},
{
"db": "BID",
"id": "88537"
},
{
"db": "BID",
"id": "2143"
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"id": "VAR-200102-0084",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2904"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:53:59.538000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.checkpoint.co.jp/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0271.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0082"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0082"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/2143"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/alerts/fastmode.html"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/products/security/firewall-1.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2904"
},
{
"db": "BID",
"id": "88537"
},
{
"db": "BID",
"id": "2143"
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2904"
},
{
"db": "BID",
"id": "88537"
},
{
"db": "BID",
"id": "2143"
},
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-2904"
},
{
"date": "2001-02-12T00:00:00",
"db": "BID",
"id": "88537"
},
{
"date": "2000-12-14T00:00:00",
"db": "BID",
"id": "2143"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"date": "2001-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"date": "2001-02-12T05:00:00",
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-2904"
},
{
"date": "2001-02-12T00:00:00",
"db": "BID",
"id": "88537"
},
{
"date": "2000-12-14T00:00:00",
"db": "BID",
"id": "2143"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2000-000126"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-007"
},
{
"date": "2008-09-05T20:23:13.527000",
"db": "NVD",
"id": "CVE-2001-0082"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "88537"
},
{
"db": "BID",
"id": "2143"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point Firewall-1 of Fast Mode In TCP Fragment Vulnerability not checking",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2000-000126"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200102-007"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…