Vulnerability Name:

CVE-2001-1158 (CCN-6815)

Assigned:2001-07-09
Published:2001-07-09
Updated:2017-10-10
Summary:Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: BUGTRAQ
Type: Patch, Vendor Advisory
20010709 Check Point FireWall-1 RDP Bypass Vulnerability

Source: CIAC
Type: UNKNOWN
L-109

Source: MITRE
Type: CNA
CVE-2001-1158

Source: BUGTRAQ
Type: UNKNOWN
20010709 Check Point response to RDP Bypass

Source: CCN
Type: CERT Advisory CA-2001-17
Check Point RDP Bypass Vulnerability

Source: CERT
Type: US Government Resource
CA-2001-17

Source: CCN
Type: Check Point Technical Support Alert
RDP Communication Vulnerability

Source: CHECKPOINT
Type: UNKNOWN
20010712 RDP Bypass workaround for VPN-1/FireWall 4.1 SPx

Source: CCN
Type: CIAC Information Bulletin L-109
VPN-1/FireWall-1 RDP Communication Vulnerability

Source: CCN
Type: Inside Security GmbH Vulnerability Notification Revision 1.4 2001-07-10
Check Point FireWall-1 RDP Bypass Vulnerability

Source: CCN
Type: US-CERT VU#310295
Check Point RDP Bypass Vulnerability

Source: CERT-VN
Type: US Government Resource
VU#310295

Source: OSVDB
Type: UNKNOWN
1884

Source: CCN
Type: OSVDB ID: 1884
Check Point FireWall-1 RDP Header Firewall Bypass

Source: BID
Type: Patch, Vendor Advisory
2952

Source: CCN
Type: BID-2952
Check Point Firewall-1 RDP Header Firewall Bypassing Vulnerability

Source: XF
Type: UNKNOWN
fw1-rdp-bypass(6815)

Source: XF
Type: UNKNOWN
fw1-rdp-bypass(6815)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*
  • OR cpe:/a:checkpoint:firewall-1:4.1_build_41439:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:checkpoint:vpn-1_firewall-1:4.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    checkpoint firewall-1 4.1
    checkpoint firewall-1 4.1 sp2
    checkpoint firewall-1 4.1_build_41439
    checkpoint vpn-1 firewall-1 4.1