The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Check Point Security Appliance

computer threat alert 30225

Check Point Gaia Embedded: privilege escalation via SMB Truncated Password

Synthesis of the vulnerability

An attacker can bypass restrictions via SMB Truncated Password of Check Point Gaia Embedded, in order to escalate his privileges.
Severity: 2/4.
Creation date: 02/09/2019.
Identifiers: sk155172, VIGILANCE-VUL-30225.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via SMB Truncated Password of Check Point Gaia Embedded, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

threat bulletin 29639

Check Point Gaia: privilege escalation via SMB 8 Characters Password

Synthesis of the vulnerability

An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Severity: 1/4.
Creation date: 27/06/2019.
Identifiers: sk155172, VIGILANCE-VUL-29639.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via SMB 8 Characters Password of Check Point Gaia, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2019-8456

Check Point IPSec VPN: privilege escalation via IKEv2 Tunnel

Synthesis of the vulnerability

An attacker can bypass restrictions via IKEv2 Tunnel of Check Point IPSec VPN, in order to escalate his privileges.
Severity: 2/4.
Creation date: 08/04/2019.
Identifiers: CVE-2019-8456, sk149892, VIGILANCE-VUL-28964.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via IKEv2 Tunnel of Check Point IPSec VPN, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

cybersecurity note 26899

Check Point Security Gateway: invalid policy via Rulebase Domain Objects

Synthesis of the vulnerability

The Check Point Security Gateway product can install a policy different from the one desired by the administrator with Rulebase Domain Objects.
Severity: 2/4.
Creation date: 03/08/2018.
Identifiers: sk133176, VIGILANCE-VUL-26899.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Check Point Security Gateway product can install a policy different from the one desired by the administrator with Rulebase Domain Objects.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin 21652

Check Point Security Gateway: vulnerability

Synthesis of the vulnerability

A vulnerability of Check Point Security Gateway was announced.
Severity: 3/4.
Creation date: 23/01/2017.
Identifiers: sk115596, VIGILANCE-VUL-21652.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A vulnerability of Check Point Security Gateway was announced.
Full Vigil@nce bulletin... (Free trial)

threat CVE-2016-4487 CVE-2016-4488 CVE-2016-4489

binutils/libiberty: seven vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in binutils/libiberty.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 7.
Creation date: 18/07/2016.
Identifiers: CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20140.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in binutils/libiberty.

An attacker can force the usage of a freed memory area via btypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4487]

An attacker can force the usage of a freed memory area via ktypevec, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4488]

An attacker can generate an integer overflow, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4489]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4490]

An attacker can generate an infinite loop via d_print_comp(), in order to trigger a denial of service. [severity:1/4; CVE-2016-4491]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:2/4; CVE-2016-4492]

An attacker can force a read at an invalid address, in order to trigger a denial of service, or to obtain sensitive information. [severity:1/4; CVE-2016-4493]
Full Vigil@nce bulletin... (Free trial)

weakness alert CVE-2016-2226

binutils: buffer overflow

Synthesis of the vulnerability

An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 18/07/2016.
Identifiers: CVE-2016-2226, DLA-552-1, sk116495, USN-3337-1, USN-3367-1, USN-3368-1, VIGILANCE-VUL-20139.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a buffer overflow of binutils, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 19746

Check Point Anti-Bot/Virus: malicious urls not blocked

Synthesis of the vulnerability

An attacker can send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Severity: 2/4.
Creation date: 01/06/2016.
Identifiers: sk111740, VIGILANCE-VUL-19746.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Check Point Anti-Bot / Anti-Virus product offers a service to detect malicious urls.

However, after installing Take 143 of R77.30 Jumbo Hotfix Accumulator, this service stops.

An attacker can therefore send documents containing malicious urls, which are not detected by Check Point Anti-Bot/Virus.
Full Vigil@nce bulletin... (Free trial)

threat bulletin CVE-2014-9293 CVE-2014-9294 CVE-2014-9295

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 19/12/2014.
Revision date: 17/02/2016.
Identifiers: c04554677, c04574882, c04916783, CERTFR-2014-AVI-537, CERTFR-2014-AVI-538, CERTFR-2016-AVI-148, cisco-sa-20141222-ntpd, cpuoct2016, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, DSA-3108-1, FEDORA-2014-17361, FEDORA-2014-17367, FEDORA-2014-17395, FreeBSD-SA-14:31.ntp, HPSBHF03432, HPSBPV03266, HPSBUX03240, JSA10663, MBGSA-1405, MDVSA-2015:003, MDVSA-2015:140, NetBSD-SA2015-003, openSUSE-SU-2014:1670-1, openSUSE-SU-2014:1680-1, RHSA-2014:2024-01, RHSA-2014:2025-01, RHSA-2015:0104-01, sk103825, SOL15933, SOL15934, SOL15935, SOL15936, SSA:2014-356-01, SSA-671683, SSRT101872, SUSE-SU-2014:1686-1, SUSE-SU-2014:1686-2, SUSE-SU-2014:1686-3, SUSE-SU-2014:1690-1, SUSE-SU-2015:0259-1, SUSE-SU-2015:0259-2, SUSE-SU-2015:0259-3, SUSE-SU-2015:0274-1, SUSE-SU-2015:0322-1, USN-2449-1, VIGILANCE-VUL-15867, VN-2014-005, VU#852879.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can predict the default key generated by config_auth(), in order to bypass the authentication. [severity:2/4; CVE-2014-9293]

An attacker can predict the key generated by ntp-keygen, in order to decrypt sessions. [severity:2/4; CVE-2014-9294]

An attacker can generate a buffer overflow in crypto_recv(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can generate a buffer overflow in ctl_putdata(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can generate a buffer overflow in configure(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can trigger an error in receive(), which is not detected. [severity:1/4; CVE-2014-9296]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability 17127

Check Point Security Gateway: memory leak via CIFS

Synthesis of the vulnerability

An attacker can create a memory leak in the CIFS protocol analyser of Check Point Security Gateway, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 15/06/2015.
Identifiers: sk106334, VIGILANCE-VUL-17127.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Check Point Security Gateway product offers an anti-virus service.

It may be configured to inspect the CIFS network traffic. However, the memory allocated in a function range_create() is never freed.

An attacker can therefore create a memory leak in the CIFS protocol analyzer of Check Point Security Gateway, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Check Point Security Appliance: