Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2405

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2002-2405
Last Modified 05 Sep 2008 04:33:08
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2002-2405

Summary

Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.

Vulnerable Systems

Application

  • Checkpoint Firewall-1 4.1

  • Checkpoint Firewall-1 Ng


References

BID - 5744

XF - fw1-http-proxy-bypass(10139)

BUGTRAQ - 20020918 Firewall-1 ?HTTP Security Server - Proxy vulnerability


Last Updated: 27 May 2016 10:37:44