var-200109-0040
Vulnerability from variot
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. Firewall-1 is a popular stateful-inspection firewall. It has been reported that Firewall-1 may contain a buffer overflow vulnerability. The vulnerability is allegedly in logging of authentication attempts by GUI log viewing clients. The attack must be launched from hosts who are permitted to view logs via the GUI interface. This vulnerability is present only in the Windows NT and 2000 versions of the product
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200109-0040",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "4.0"
},
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "4.1"
},
{
"model": "vpn-1/firewall-1",
"scope": "lte",
"trust": 0.8,
"vendor": "check point",
"version": "4.0sp8"
},
{
"model": "vpn-1/firewall-1",
"scope": "lte",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp5"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng hotfix 2"
},
{
"model": "point software nokia voyager",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp7",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
}
],
"sources": [
{
"db": "BID",
"id": "3336"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was initially discovered by the QinetiQ SHC Security Research Team, and was announced by \u003cindig0@talk21.com\u003e.",
"sources": [
{
"db": "BID",
"id": "3336"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
}
],
"trust": 0.9
},
"cve": "CVE-2001-0940",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0940",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-3747",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0940",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2001-0940",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200109-120",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-3747",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3747"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. Firewall-1 is a popular stateful-inspection firewall. \nIt has been reported that Firewall-1 may contain a buffer overflow vulnerability. The vulnerability is allegedly in logging of authentication attempts by GUI log viewing clients. \nThe attack must be launched from hosts who are permitted to view logs via the GUI interface. This vulnerability is present only in the Windows NT and 2000 versions of the product",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0940"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"db": "BID",
"id": "3336"
},
{
"db": "VULHUB",
"id": "VHN-3747"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3336",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2001-0940",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "1951",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120",
"trust": 0.7
},
{
"db": "CHECKPOINT",
"id": "20010919 GUI BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "XF",
"id": "7145",
"trust": 0.6
},
{
"db": "XF",
"id": "1",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011130 FW: FIREWALL-1 REMOTE SYSTEM SHELL BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011128 FIREWALL-1 REMOTE SYSTEM SHELL BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20010919 CHECK POINT FIREWALL-1 GUI LOG VIEWER VULNERABILITY (VULDB 3336)",
"trust": 0.6
},
{
"db": "WIN2KSEC",
"id": "20010921 CHECK POINT FIREWALL-1 GUI BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3747",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3747"
},
{
"db": "BID",
"id": "3336"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"id": "VAR-200109-0040",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3747"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T21:39:37.985000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2001-09-19-00",
"trust": 0.8,
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.securityfocus.com/bid/3336"
},
{
"trust": 3.0,
"url": "http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html"
},
{
"trust": 2.7,
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html"
},
{
"trust": 2.7,
"url": "http://www.osvdb.org/1951"
},
{
"trust": 2.7,
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html"
},
{
"trust": 2.1,
"url": "http://marc.info/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"trust": 2.1,
"url": "http://marc.info/?l=bugtraq\u0026m=100698954308436\u0026w=2"
},
{
"trust": 2.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7145"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0940"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0940"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=100698954308436\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/7145.php"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=100094268017271\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/products/security/firewall-1.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3747"
},
{
"db": "BID",
"id": "3336"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-3747"
},
{
"db": "BID",
"id": "3336"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-3747"
},
{
"date": "2001-09-12T00:00:00",
"db": "BID",
"id": "3336"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"date": "2001-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"date": "2001-09-21T04:00:00",
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3747"
},
{
"date": "2001-09-12T00:00:00",
"db": "BID",
"id": "3336"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000142"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200109-120"
},
{
"date": "2024-11-20T23:36:29.443000",
"db": "NVD",
"id": "CVE-2001-0940"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point Firewall-1 GUI Log Viewer Vulnerability",
"sources": [
{
"db": "BID",
"id": "3336"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200109-120"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…