| Vulnerability Name: | CVE-2001-1431 (CCN-8293) | ||||||||
| Assigned: | 2001-10-08 | ||||||||
| Published: | 2001-10-08 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2001-1431 Source: CCN Type: Check Point Web site Check Point Downloads Source: CCN Type: US-CERT VU#258731 Check Point VPN-1/FireWall-1 4.1 on Nokia IPXXX firewall appliance retransmits original packets Source: CERT-VN Type: US Government Resource VU#258731 Source: CCN Type: OSVDB ID: 19130 Nokia Firewall SYN Defender Active Gateway Mode NAT IP Address Disclosure Source: XF Type: UNKNOWN nokia-cp-packet-retransmission(8293) Source: XF Type: UNKNOWN nokia-cp-packet-retransmission(8293) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||