The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Check Point Security Appliance

computer vulnerability note 29639

Check Point Gaia: privilege escalation via SMB 8 Characters Password

Synthesis of the vulnerability

An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Impacted products: GAiA, CheckPoint IP Appliance, CheckPoint Security Appliance.
Severity: 1/4.
Consequences: user access/rights.
Provenance: intranet client.
Creation date: 27/06/2019.
Identifiers: sk155172, VIGILANCE-VUL-29639.

Description of the vulnerability

An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2019-8456

Check Point IPSec VPN: privilege escalation via IKEv2 Tunnel

Synthesis of the vulnerability

An attacker can bypass restrictions via IKEv2 Tunnel of Check Point IPSec VPN, in order to escalate his privileges.
Impacted products: CheckPoint Endpoint Security, CheckPoint IP Appliance, SecurePlatform, CheckPoint Security Appliance.
Severity: 2/4.
Consequences: data reading, data flow.
Provenance: internet client.
Creation date: 08/04/2019.
Identifiers: CVE-2019-8456, sk149892, VIGILANCE-VUL-28964.

Description of the vulnerability

An attacker can bypass restrictions via IKEv2 Tunnel of Check Point IPSec VPN, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 26899

Check Point Security Gateway: invalid policy via Rulebase Domain Objects

Synthesis of the vulnerability

The Check Point Security Gateway product can install a policy different from the one desired by the administrator with Rulebase Domain Objects.
Impacted products: CheckPoint Security Appliance, CheckPoint Security Gateway.
Severity: 2/4.
Consequences: data flow.
Provenance: internet client.
Creation date: 03/08/2018.
Identifiers: sk133176, VIGILANCE-VUL-26899.

Description of the vulnerability

The Check Point Security Gateway product can install a policy different from the one desired by the administrator with Rulebase Domain Objects.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 21652

Check Point Security Gateway: vulnerability

Synthesis of the vulnerability

A vulnerability of Check Point Security Gateway was announced.
Impacted products: GAiA, CheckPoint IP Appliance, CheckPoint Security Appliance, CheckPoint Security Gateway.
Severity: 3/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: internet client.
Creation date: 23/01/2017.
Identifiers: sk115596, VIGILANCE-VUL-21652.

Description of the vulnerability

A vulnerability of Check Point Security Gateway was announced.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2016-4487 CVE-2016-4488 CVE-2016-4489

binutils/libiberty: seven vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in binutils/libiberty.
Impacted products: GAiA, CheckPoint IP Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Debian, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 7.
Creation date: 18/07/2016.
Identifiers: CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20140.

Description of the vulnerability

Several vulnerabilities were announced in binutils/libiberty.

An attacker can force the usage of a freed memory area via btypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4487]

An attacker can force the usage of a freed memory area via ktypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4488]

An attacker can generate an integer overflow, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4489]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4490]

An attacker can generate an infinite loop via d_print_comp(), in order to trigger a denial of service. [severity:1/4; CVE-2016-4491]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4492]

An attacker can force a read at an invalid address, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-4493]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-2226

binutils: buffer overflow

Synthesis of the vulnerability

An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Impacted products: GAiA, CheckPoint IP Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Debian, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 18/07/2016.
Identifiers: CVE-2016-2226, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20139.

Description of the vulnerability

An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 19746

Check Point Anti-Bot/Virus: malicious urls not blocked

Synthesis of the vulnerability

An attacker can send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Impacted products: GAiA, CheckPoint Security Appliance.
Severity: 2/4.
Consequences: data flow.
Provenance: document.
Creation date: 01/06/2016.
Identifiers: sk111740, VIGILANCE-VUL-19746.

Description of the vulnerability

The Check Point Anti-Bot / Anti-Virus product offers a service to detect malicious urls.

However, after installing Take 143 of R77.30 Jumbo Hotfix Accumulator, this service stops.

An attacker can therefore send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2014-9293 CVE-2014-9294 CVE-2014-9295

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: GAiA, CheckPoint IP Appliance, IPSO, CheckPoint Power-1 Appliance, CheckPoint Security Appliance, CheckPoint Smart-1, CheckPoint VSX-1, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco CUCM, Cisco Unified CCX, Clearswift Email Gateway, Debian, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP Switch, HP-UX, AIX, Juniper J-Series, Junos OS, Junos Space, NSMXpress, Meinberg NTP Server, NetBSD, NTP.org, openSUSE, Oracle Communications, Solaris, RHEL, ROX, RuggedSwitch, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 19/12/2014.
Revision date: 17/02/2016.
Identifiers: c04554677, c04574882, c04916783, CERTFR-2014-AVI-537, CERTFR-2014-AVI-538, CERTFR-2016-AVI-148, cisco-sa-20141222-ntpd, cpuoct2016, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, DSA-3108-1, FEDORA-2014-17361, FEDORA-2014-17367, FEDORA-2014-17395, FreeBSD-SA-14:31.ntp, HPSBHF03432, HPSBPV03266, HPSBUX03240, JSA10663, MBGSA-1405, MDVSA-2015:003, MDVSA-2015:140, NetBSD-SA2015-003, openSUSE-SU-2014:1670-1, openSUSE-SU-2014:1680-1, RHSA-2014:2024-01, RHSA-2014:2025-01, RHSA-2015:0104-01, sk103825, SOL15933, SOL15934, SOL15935, SOL15936, SSA:2014-356-01, SSA-671683, SSRT101872, SUSE-SU-2014:1686-1, SUSE-SU-2014:1686-2, SUSE-SU-2014:1686-3, SUSE-SU-2014:1690-1, SUSE-SU-2015:0259-1, SUSE-SU-2015:0259-2, SUSE-SU-2015:0259-3, SUSE-SU-2015:0274-1, SUSE-SU-2015:0322-1, USN-2449-1, VIGILANCE-VUL-15867, VN-2014-005, VU#852879.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can predict the default key generated by config_auth(), in order to bypass the authentication. [severity:2/4; CVE-2014-9293]

An attacker can predict the key generated by ntp-keygen, in order to decrypt sessions. [severity:2/4; CVE-2014-9294]

An attacker can generate a buffer overflow in crypto_recv(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can generate a buffer overflow in ctl_putdata(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can generate a buffer overflow in configure(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can trigger an error in receive(), which is not detected. [severity:1/4; CVE-2014-9296]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 17127

Check Point Security Gateway: memory leak via CIFS

Synthesis of the vulnerability

An attacker can create a memory leak in the CIFS protocol analyser of Check Point Security Gateway, in order to trigger a denial of service.
Impacted products: SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 15/06/2015.
Identifiers: sk106334, VIGILANCE-VUL-17127.

Description of the vulnerability

The Check Point Security Gateway product offers an anti-virus service.

It may be configured to inspect the CIFS network traffic. However, the memory allocated in a function range_create() is never freed.

An attacker can therefore create a memory leak in the CIFS protocol analyzer of Check Point Security Gateway, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-8730 CVE-2015-2774

Check Point, Cisco, IBM, F5, FortiOS: information disclosure via POODLE on TLS

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can decrypt a Terminating TLS session, in order to obtain sensitive information.
Impacted products: GAiA, CheckPoint IP Appliance, IPSO, CheckPoint Power-1 Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Smart-1, CheckPoint VSX-1, Cisco ACE, ASA, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiOS, DB2 UDB, Domino, Informix Server, Tivoli Directory Server, openSUSE, Solaris, Palo Alto Firewall PA***, PAN-OS, Ubuntu.
Severity: 3/4.
Consequences: data reading.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/12/2014.
Revision date: 17/12/2014.
Identifiers: 1450666, 1610582, 1647054, 1692906, 1693052, 1693142, bulletinjul2017, CERTFR-2014-AVI-533, CSCus08101, CSCus09311, CVE-2014-8730, CVE-2015-2774, FEDORA-2015-12923, FEDORA-2015-12970, openSUSE-SU-2016:0523-1, sk103683, SOL15882, USN-3571-1, VIGILANCE-VUL-15756.

Description of the vulnerability

The VIGILANCE-VUL-15485 (POODLE) vulnerability originates from an incorrect management of SSLv3 padding.

The F5 BIG-IP product can be configured to "terminate" SSL/TLS sessions. However, even when TLS is used, this BIG-IP feature uses the SSLv3 function to manage the padding. TLS sessions are thus also vulnerable to POODLE.

The same vulnerability also impacts Check Point, Cisco, IBM and Fortinet products.

An attacker, located as a Man-in-the-Middle, can therefore decrypt a Terminating TLS session, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Check Point Security Appliance: