Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4093

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2005-4093
Last Modified 18 May 2011 12:00:00
Published 08 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-4093

Summary

Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.

Vulnerable Systems

Application

  • Checkpoint Secureclient Ng

  • Checkpoint Secureclient Ng R56

  • Checkpoint Vpn-1 Secureclient 4.0

  • Checkpoint Vpn-1 Secureclient 4.1


References

VUPEN - ADV-2005-2808

DEBIAN - DSA-1237

BID - 15757

MISC - http://www.mail-archive.com/swinog@lists.swinog.ch/msg00799.html

MISC - http://www.mail-archive.com/swinog@lists.swinog.ch/msg00798.html

SECTRACK - 1015326

SECUNIA - 23395

SECUNIA - 17837

FULLDISC - 20051207 Checkpoint SecureClient NGX Security Policy can easily be disabled


Last Updated: 27 May 2016 10:41:11