CVE-2007-0471

Severity

75%

Complexity

99%

Confidentiality

106%

sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token.

sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 18 years ago

2007-01-24 01:28:00

Last updated 6 years ago

2018-10-16 16:32:00

Affected Software

Checkpoint Connectra NGX

References

20070122 Check Point Connectra End Point security bypass

Exploit, Vendor Advisory

31655

23847

Vendor Advisory

http://secureknowledge.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?lid=sk32472

2179

1017559

1017560

http://updates.checkpoint.com/fileserver/ID/7126/FILE/VPN-1_Hotfix1.pdf

http://www.checkpoint.com/downloads/latest/hfa/connectra/security_r62.html

http://www.checkpoint.com/downloads/latest/hfa/vpn1_security/vpn1_R62_Windows.html

20070122 Re: [Full-disclosure] Check Point Connectra End Point security bypass

20070122 Check Point Connectra End Point security bypass

ADV-2007-0276

Vendor Advisory

checkpoint-params-security-bypass(31646)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.