Overview
The Check Point VPN-1 firewall contains an information disclosure vulnerability that may allow an authenticated attacker to access data that they are not authorized to access.
Description
The Check Point VPN-1 is an application layer firewall that supports remote and site-to-site virtual private networks (VPN). From Check Point Solution ID sk34579 |
Impact
A remote, authenticated attacker may be able to intercept data that they are not authorized to access. |
Solution
Upgrade Check Point has released an update to address this vulnerability. Administrators should see Check Point Solution ID sk34579 for information about how to obtain fixed software. |
|
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
Acknowledgements
Thanks to Robert Mitchell of Pursecurity and Check Point for information that was used in this report.
This document was written by Ryan Giobbi.
Other Information
CVE IDs: | None |
Severity Metric: | 2.36 |
Date Public: | 2008-03-18 |
Date First Published: | 2008-03-18 |
Date Last Updated: | 2008-03-18 17:47 UTC |
Document Revision: | 30 |