Vulnerability Name:
CVE-2002-0428 (CCN-8423)
Assigned:
2002-03-08
Published:
2002-03-08
Updated:
2008-09-05
Summary:
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availability (A):
Low
CVSS v2 Severity:
7.5 High
(CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availability (A):
Partial
7.5 High
(CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availability (A):
Partial
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Bypass Security
References:
Source: CCN
Type: BugTraq Mailing List, Fri Mar 08 2002 - 01:32:02 CST
Checkpoint FW1 SecuRemote/SecureClient "re-authentication" (client side hacks of users.C)
Source: MITRE
Type: CNA
CVE-2002-0428
Source: BUGTRAQ
Type: Vendor Advisory
20020308 Checkpoint FW1 SecuRemote/SecureClient "re-authentication" (client side hacks of users.C)
Source: XF
Type: Patch, Vendor Advisory
fw1-authentication-bypass-timeouts(8423)
Source: CCN
Type: OSVDB ID: 4430
Check Point FireWall-1 Authentication Timeout Bypass
Source: BID
Type: Exploit, Patch, Vendor Advisory
4253
Source: CCN
Type: BID-4253
Check Point FW-1 SecuClient/SecuRemote Client Design Vulnerability
Source: XF
Type: UNKNOWN
fw1-authentication-bypass-timeouts(8423)
Vulnerable Configuration:
Configuration 1:
cpe:/a:checkpoint:check_point_vpn:1_4.1:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:check_point_vpn:1_4.1_sp1:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:check_point_vpn:1_4.1_sp2:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:check_point_vpn:1_4.1_sp3:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:check_point_vpn:1_4.1_sp4:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp1:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp2:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp3:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp4:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp5:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp6:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp7:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.0:sp8:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:sp3:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:sp4:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:sp5:*:*:*:*:*:*
OR
cpe:/a:checkpoint:next_generation:*:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*
OR
cpe:/a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*
checkpoint
check point vpn 1_4.1
checkpoint
check point vpn 1_4.1_sp1
checkpoint
check point vpn 1_4.1_sp2
checkpoint
check point vpn 1_4.1_sp3
checkpoint
check point vpn 1_4.1_sp4
checkpoint
firewall-1 4.0
checkpoint
firewall-1 4.0 sp1
checkpoint
firewall-1 4.0 sp2
checkpoint
firewall-1 4.0 sp3
checkpoint
firewall-1 4.0 sp4
checkpoint
firewall-1 4.0 sp5
checkpoint
firewall-1 4.0 sp6
checkpoint
firewall-1 4.0 sp7
checkpoint
firewall-1 4.0 sp8
checkpoint
firewall-1 4.1
checkpoint
firewall-1 4.1 sp1
checkpoint
firewall-1 4.1 sp2
checkpoint
firewall-1 4.1 sp3
checkpoint
firewall-1 4.1 sp4
checkpoint
firewall-1 4.1 sp5
checkpoint
next generation *
checkpoint
firewall-1 4.0
checkpoint
firewall-1 4.1