The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Check Point GAiA

computer vulnerability note 29639

Check Point Gaia: privilege escalation via SMB 8 Characters Password

Synthesis of the vulnerability

An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Impacted products: GAiA, CheckPoint IP Appliance, CheckPoint Security Appliance.
Severity: 1/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 27/06/2019.
Identifiers: sk155172, VIGILANCE-VUL-29639.

Description of the vulnerability

An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability 28415

Check Point Gaia: privilege escalation via Administrator Password Reset

Synthesis of the vulnerability

An attacker can bypass restrictions via Administrator Password Reset of Check Point Gaia, in order to escalate his privileges.
Impacted products: GAiA, CheckPoint Security Gateway.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Creation date: 31/01/2019.
Identifiers: sk145612, VIGILANCE-VUL-28415.

Description of the vulnerability

An attacker can bypass restrictions via Administrator Password Reset of Check Point Gaia, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-5391

Linux kernel: denial of service via FragmentSmack

Synthesis of the vulnerability

An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service.
Impacted products: GAiA, SecurePlatform, CheckPoint Security Gateway, Cisco Aironet, IOS XE Cisco, Nexus by Cisco, Prime Collaboration Assurance, Prime Infrastructure, Cisco Router, Secure ACS, Cisco CUCM, Cisco UCS, Cisco Unified CCX, Cisco IP Phone, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Junos Space, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, openSUSE Leap, Palo Alto Firewall PA***, PAN-OS, RHEL, RSA Authentication Manager, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, ProxySG by Symantec, Synology DSM, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 16/08/2018.
Identifiers: ADV180022, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-457, CERTFR-2018-AVI-478, CERTFR-2018-AVI-533, CERTFR-2019-AVI-233, CERTFR-2019-AVI-242, cisco-sa-20180824-linux-ip-fragment, CVE-2018-5391, DLA-1466-1, DLA-1529-1, DSA-2019-062, DSA-4272-1, FragmentSmack, JSA10917, K74374841, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2019:0274-1, PAN-SA-2018-0012, RHSA-2018:2785-01, RHSA-2018:2791-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:2948-01, RHSA-2018:3083-01, RHSA-2018:3096-01, RHSA-2018:3459-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, sk134253, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2596-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:1289-1, SYMSA1467, Synology-SA-18:44, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, VIGILANCE-VUL-27009, VU#641765.

Description of the vulnerability

An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-6922

FreeBSD: denial of service via SegmentSmack

Synthesis of the vulnerability

An attacker can generate a fatal error via TCP Reassembly of FreeBSD, in order to trigger a denial of service.
Impacted products: GAiA, SecurePlatform, CheckPoint Security Gateway, AsyncOS, Cisco Content SMA, Cisco ESA, Cisco WSA, FreeBSD, AIX, Junos OS, SRX-Series, Oracle Communications, pfSense.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 07/08/2018.
Identifiers: 6387, cisco-sa-20180824-linux-tcp, cpujan2019, CVE-2018-6922, FreeBSD-SA-18:08.tcp, ibm10737709, JSA10876, SegmentSmack, sk134253, VIGILANCE-VUL-26922.

Description of the vulnerability

An attacker can generate a fatal error via TCP Reassembly of FreeBSD, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-5390

Linux kernel: denial of service via SegmentSmack

Synthesis of the vulnerability

An attacker can generate a fatal error via tcp_prune_ofo_queue() of the Linux kernel, in order to trigger a denial of service.
Impacted products: GAiA, SecurePlatform, CheckPoint Security Gateway, AsyncOS, Cisco Content SMA, Cisco ESA, Cisco WSA, Debian, BIG-IP Hardware, TMOS, QRadar SIEM, Junos OS, Junos Space, SRX-Series, Linux, McAfee Email Gateway, McAfee NSM, McAfee NSP, McAfee Web Gateway, openSUSE Leap, Oracle Communications, RHEL, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, ProxySG by Symantec, Ubuntu.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 07/08/2018.
Identifiers: CERTFR-2018-AVI-374, CERTFR-2018-AVI-375, CERTFR-2018-AVI-386, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-420, CERTFR-2018-AVI-428, CERTFR-2018-AVI-457, CERTFR-2018-AVI-584, cisco-sa-20180824-linux-tcp, cpujan2019, CVE-2018-5390, DLA-1466-1, DSA-4266-1, ibm10742755, JSA10876, JSA10917, K95343321, openSUSE-SU-2018:2242-1, openSUSE-SU-2018:2404-1, RHSA-2018:2384-01, RHSA-2018:2395-01, RHSA-2018:2645-01, RHSA-2018:2776-01, RHSA-2018:2785-01, RHSA-2018:2789-01, RHSA-2018:2790-01, RHSA-2018:2791-01, RHSA-2018:2924-01, RHSA-2018:2933-01, RHSA-2018:2948-01, SB10249, SegmentSmack, sk134253, SUSE-SU-2018:2223-1, SUSE-SU-2018:2328-1, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2596-1, SYMSA1467, USN-3732-1, USN-3732-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, USN-3763-1, VIGILANCE-VUL-26913, VU#962459.

Description of the vulnerability

An attacker can generate a fatal error via tcp_prune_ofo_queue() of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 21652

Check Point Security Gateway: vulnerability

Synthesis of the vulnerability

A vulnerability of Check Point Security Gateway was announced.
Impacted products: GAiA, CheckPoint IP Appliance, CheckPoint Security Appliance, CheckPoint Security Gateway.
Severity: 3/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: internet client.
Creation date: 23/01/2017.
Identifiers: sk115596, VIGILANCE-VUL-21652.

Description of the vulnerability

A vulnerability of Check Point Security Gateway was announced.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 21229

Check Point Threat Emulation/Extraction: bypassing MTA filtering

Synthesis of the vulnerability

An attacker can send a malicious email to Check Point Threat Emulation/Extraction, which is not filtered.
Impacted products: GAiA, SecurePlatform.
Severity: 2/4.
Consequences: data flow.
Provenance: document.
Creation date: 29/11/2016.
Identifiers: sk114664, VIGILANCE-VUL-21229.

Description of the vulnerability

The Check Point Threat Emulation/Extraction product offers a service to filter emails.

However, an email can bypass this protection.

An attacker can therefore send a malicious email to Check Point Threat Emulation/Extraction, which is not filtered.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2016-4487 CVE-2016-4488 CVE-2016-4489

binutils/libiberty: seven vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in binutils/libiberty.
Impacted products: GAiA, CheckPoint IP Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Debian, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 7.
Creation date: 18/07/2016.
Identifiers: CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20140.

Description of the vulnerability

Several vulnerabilities were announced in binutils/libiberty.

An attacker can force the usage of a freed memory area via btypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4487]

An attacker can force the usage of a freed memory area via ktypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4488]

An attacker can generate an integer overflow, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4489]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4490]

An attacker can generate an infinite loop via d_print_comp(), in order to trigger a denial of service. [severity:1/4; CVE-2016-4491]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4492]

An attacker can force a read at an invalid address, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-4493]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-2226

binutils: buffer overflow

Synthesis of the vulnerability

An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: GAiA, CheckPoint IP Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Debian, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 18/07/2016.
Identifiers: CVE-2016-2226, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20139.

Description of the vulnerability

An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 19746

Check Point Anti-Bot/Virus: malicious urls not blocked

Synthesis of the vulnerability

An attacker can send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Impacted products: GAiA, CheckPoint Security Appliance.
Severity: 2/4.
Consequences: data flow.
Provenance: document.
Creation date: 01/06/2016.
Identifiers: sk111740, VIGILANCE-VUL-19746.

Description of the vulnerability

The Check Point Anti-Bot / Anti-Virus product offers a service to detect malicious urls.

However, after installing Take 143 of R77.30 Jumbo Hotfix Accumulator, this service stops.

An attacker can therefore send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Check Point GAiA: