Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1499

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1499
Last Modified 05 Sep 2008 04:26:42
Published 31 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1499

Summary

Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks.

Vulnerable Systems

Application

  • Checkpoint Vpn-1 4.1


References

XF - vpn1-securemote-brute-force(7343)

BID - 3470

BUGTRAQ - 20011024 RE: Check Point VPN-1 SecuRemote Flaw

BUGTRAQ - 20011023 Check Point VPN-1 SecuRemote Flaw

OSVDB - 20210


Last Updated: 27 May 2016 10:36:42