Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1431

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1431
Last Modified 05 Sep 2008 04:26:32
Published 08 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1431

Summary

Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information.

Vulnerable Systems

Application

  • Checkpoint Firewall-1 4.1

  • Checkpoint Vpn-1 4.1


References

CERT-VN - VU#258731

XF - nokia-cp-packet-retransmission(8293)


Last Updated: 27 May 2016 10:36:40