ID
VAR-E-201105-0745
CVE
| cve_id: | CVE-2011-1827 | Trust: 0.3 |
TITLE
Multiple Check Point SSL VPN On-Demand Applications Remote Code Execution Vulnerability
Trust: 0.3
DESCRIPTION
Multiple Check Point SSL VPN on-demand applications are prone to a remote code-execution vulnerability.
Successful exploits will allow the attacker to execute arbitrary code within the context of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | check | model: | point software secureplatform r75 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | check | model: | point software secureplatform r70.40 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | check | model: | point software vsx r67 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software vsx r65.20 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software secureplatform r71.30 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software secureplatform r65.70 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software ipso6 r75 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software ipso6 r71.30 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software ipso6 r70.40 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software ipso6 r65.70 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software connectra r66.1n | scope: | - | version: | - | Trust: 0.3 |
| vendor: | check | model: | point software connectra r66.1 | scope: | - | version: | - | Trust: 0.3 |
EXPLOIT
An exploit code and a video demonstrating the vulnerability is available. Please see the references for more information.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Design Error
Trust: 0.3
CREDITS
Johannes Greil of SEC Consult Unternehmensberatung
Trust: 0.3
EXTERNAL IDS
| db: | NVD | id: | CVE-2011-1827 | Trust: 0.3 |
| db: | BID | id: | 47695 | Trust: 0.3 |
REFERENCES
| url: | https://www.sec-consult.com/files/20110810-0_checkpoint_deployment_agent_remote_file_upload_and_cmd_exec_cve-2011-1827.txt | Trust: 0.3 |
| url: | https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk62410 | Trust: 0.3 |
| url: | http://www.microsoft.com/technet/security/advisory/2562937.mspx | Trust: 0.3 |
| url: | http://www.checkpoint.com | Trust: 0.3 |
SOURCES
| db: | BID | id: | 47695 |
LAST UPDATE DATE
2022-07-27T09:22:19.728000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 47695 | date: | 2011-08-18T18:50:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 47695 | date: | 2011-05-03T00:00:00 |