| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Check Point Security Appliance
Check Point Gaia Embedded: privilege escalation via SMB Truncated Password
Synthesis of the vulnerability
An attacker can bypass restrictions via SMB Truncated Password of Check Point Gaia Embedded, in order to escalate his privileges.
Severity: 2/4.
Creation date: 02/09/2019.
Identifiers: sk155172, VIGILANCE-VUL-30225.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can bypass restrictions via SMB Truncated Password of Check Point Gaia Embedded, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Check Point Gaia: privilege escalation via SMB 8 Characters Password
Synthesis of the vulnerability
An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Severity: 1/4.
Creation date: 27/06/2019.
Identifiers: sk155172, VIGILANCE-VUL-29639.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Check Point IPSec VPN: privilege escalation via IKEv2 Tunnel
Synthesis of the vulnerability
An attacker can bypass restrictions via IKEv2 Tunnel of Check Point IPSec VPN, in order to escalate his privileges.
Severity: 2/4.
Creation date: 08/04/2019.
Identifiers: CVE-2019-8456, sk149892, VIGILANCE-VUL-28964.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can bypass restrictions via IKEv2 Tunnel of Check Point IPSec VPN, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial) |
Check Point Security Gateway: invalid policy via Rulebase Domain Objects
Synthesis of the vulnerability
The Check Point Security Gateway product can install a policy different from the one desired by the administrator with Rulebase Domain Objects.
Severity: 2/4.
Creation date: 03/08/2018.
Identifiers: sk133176, VIGILANCE-VUL-26899.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
The Check Point Security Gateway product can install a policy different from the one desired by the administrator with Rulebase Domain Objects.
Full Vigil@nce bulletin... (Free trial) |
Check Point Security Gateway: vulnerability
Synthesis of the vulnerability
A vulnerability of Check Point Security Gateway was announced.
Severity: 3/4.
Creation date: 23/01/2017.
Identifiers: sk115596, VIGILANCE-VUL-21652.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
A vulnerability of Check Point Security Gateway was announced.
Full Vigil@nce bulletin... (Free trial) |
binutils/libiberty: seven vulnerabilities
Synthesis of the vulnerability
Several vulnerabilities were announced in binutils/libiberty.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 7.
Creation date: 18/07/2016.
Identifiers: CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20140.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
Several vulnerabilities were announced in binutils/libiberty.
An attacker can force the usage of a freed memory area via btypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4487]
An attacker can force the usage of a freed memory area via ktypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4488]
An attacker can generate an integer overflow, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4489]
An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4490]
An attacker can generate an infinite loop via d_print_comp(), in order to trigger a denial of service. [severity:1/4; CVE-2016-4491]
An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4492]
An attacker can force a read at an invalid address, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-4493]
Full Vigil@nce bulletin... (Free trial) |
binutils: buffer overflow
Synthesis of the vulnerability
An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 18/07/2016.
Identifiers: CVE-2016-2226, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20139.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
Check Point Anti-Bot/Virus: malicious urls not blocked
Synthesis of the vulnerability
An attacker can send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Severity: 2/4.
Creation date: 01/06/2016.
Identifiers: sk111740, VIGILANCE-VUL-19746.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
The Check Point Anti-Bot / Anti-Virus product offers a service to detect malicious urls.
However, after installing Take 143 of R77.30 Jumbo Hotfix Accumulator, this service stops.
An attacker can therefore send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Full Vigil@nce bulletin... (Free trial) |
NTP.org: multiple vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of NTP.org.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 19/12/2014.
Revision date: 17/02/2016.
Identifiers: c04554677, c04574882, c04916783, CERTFR-2014-AVI-537, CERTFR-2014-AVI-538, CERTFR-2016-AVI-148, cisco-sa-20141222-ntpd, cpuoct2016, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, DSA-3108-1, FEDORA-2014-17361, FEDORA-2014-17367, FEDORA-2014-17395, FreeBSD-SA-14:31.ntp, HPSBHF03432, HPSBPV03266, HPSBUX03240, JSA10663, MBGSA-1405, MDVSA-2015:003, MDVSA-2015:140, NetBSD-SA2015-003, openSUSE-SU-2014:1670-1, openSUSE-SU-2014:1680-1, RHSA-2014:2024-01, RHSA-2014:2025-01, RHSA-2015:0104-01, sk103825, SOL15933, SOL15934, SOL15935, SOL15936, SSA:2014-356-01, SSA-671683, SSRT101872, SUSE-SU-2014:1686-1, SUSE-SU-2014:1686-2, SUSE-SU-2014:1686-3, SUSE-SU-2014:1690-1, SUSE-SU-2015:0259-1, SUSE-SU-2015:0259-2, SUSE-SU-2015:0259-3, SUSE-SU-2015:0274-1, SUSE-SU-2015:0322-1, USN-2449-1, VIGILANCE-VUL-15867, VN-2014-005, VU#852879.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
Several vulnerabilities were announced in NTP.org.
An attacker can predict the default key generated by config_auth(), in order to bypass the authentication. [severity:2/4; CVE-2014-9293]
An attacker can predict the key generated by ntp-keygen, in order to decrypt sessions. [severity:2/4; CVE-2014-9294]
An attacker can generate a buffer overflow in crypto_recv(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]
An attacker can generate a buffer overflow in ctl_putdata(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]
An attacker can generate a buffer overflow in configure(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]
An attacker can trigger an error in receive(), which is not detected. [severity:1/4; CVE-2014-9296]
Full Vigil@nce bulletin... (Free trial) |
Check Point Security Gateway: memory leak via CIFS
Synthesis of the vulnerability
An attacker can create a memory leak in the CIFS protocol analyser of Check Point Security Gateway, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 15/06/2015.
Identifiers: sk106334, VIGILANCE-VUL-17127.
Full Vigil@nce bulletin... (Free trial)
Description of the vulnerability
The Check Point Security Gateway product offers an anti-virus service.
It may be configured to inspect the CIFS network traffic. However, the memory allocated in a function range_create() is never freed.
An attacker can therefore create a memory leak in the CIFS protocol analyzer of Check Point Security Gateway, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about Check Point Security Appliance:
|