Vulnerability CVE-2008-1397
Published: 2008-03-19   Modified: 2012-02-12

Description:
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint.

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Checkpoint -> Check point vpn-1 pro 
Checkpoint -> Vpn-1 
Checkpoint -> Vpn-1 firewall-1 
Checkpoint -> Vpn-1 power utm 
Checkpoint -> Vpn-1 power utm with ngx 

 References:
http://www.kb.cert.org/vuls/id/992585
https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk34579
http://www.vupen.com/english/advisories/2008/0953/references
http://www.securityfocus.com/bid/28299
http://www.puresecurity.com.au/files/PureSecurity%20VPN-1%20DoS_Spoofing%20Attack%20against%20VPN%20tunnels.pdf
http://secunia.com/advisories/29394
http://xforce.iss.net/xforce/xfdb/41260
http://www.securitytracker.com/id?1019666
http://puresecurity.com.au/index.php?action=fullnews&id=5
Copyright 2024, cxsecurity.com

 

Back to Top