CVE-2005-4093

Severity

65%

Complexity

80%

Confidentiality

106%

Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.

Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Overview

Type

Checkpoint

First reported 19 years ago

2005-12-08 11:03:00

Last updated 14 years ago

2011-05-18 04:00:00

Affected Software

Checkpoint SecureClient NG with Application Intelligence R56

r56

Checkpoint VPN-1 SecureClient 4.0

4.0

Checkpoint VPN-1 SecureClient 4.1

4.1

References

20051207 Checkpoint SecureClient NGX Security Policy can easily be disabled

17837

Vendor Advisory

23395

Vendor Advisory

1015326

http://www.mail-archive.com/[email protected]/msg00798.html

http://www.mail-archive.com/[email protected]/msg00799.html

15757

DSA-1237

ADV-2005-2808

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.