ID

VAR-199805-0007


CVE

CVE-1999-1204


TITLE

Check Point Firewall Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199805-009

DESCRIPTION

Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator. Firewall-1 is prone to a remote security vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks

Trust: 1.26

sources: NVD: CVE-1999-1204 // BID: 88630 // VULHUB: VHN-1185

AFFECTED PRODUCTS

vendor:checkpointmodel:firewall-1scope:eqversion:*

Trust: 1.0

vendor:checkpointmodel:firewall-1scope: - version: -

Trust: 0.6

vendor:checkmodel:point software firewall-1 r55w hfa3scope: - version: -

Trust: 0.3

sources: BID: 88630 // CNNVD: CNNVD-199805-009 // NVD: CVE-1999-1204

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1204
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199805-009
value: HIGH

Trust: 0.6

VULHUB: VHN-1185
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1204
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1185
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1185 // CNNVD: CNNVD-199805-009 // NVD: CVE-1999-1204

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1204

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199805-009

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199805-009

EXTERNAL IDS

db:NVDid:CVE-1999-1204

Trust: 2.0

db:OSVDBid:4416

Trust: 1.7

db:XFid:7293

Trust: 0.9

db:BUGTRAQid:19980511 FIREWALL-1 RESERVED KEYWORDS VULNERABILITY

Trust: 0.6

db:XFid:1

Trust: 0.6

db:CNNVDid:CNNVD-199805-009

Trust: 0.6

db:BIDid:88630

Trust: 0.4

db:VULHUBid:VHN-1185

Trust: 0.1

sources: VULHUB: VHN-1185 // BID: 88630 // CNNVD: CNNVD-199805-009 // NVD: CVE-1999-1204

REFERENCES

url:http://www.checkpoint.com/techsupport/config/keywords.html

Trust: 3.0

url:http://www.osvdb.org/4416

Trust: 2.7

url:http://marc.info/?l=bugtraq&m=90221101925912&w=2

Trust: 2.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/7293

Trust: 2.1

url:http://marc.theaimsgroup.com/?l=bugtraq&m=90221101925912&w=2

Trust: 0.9

url:http://xforce.iss.net/static/7293.php

Trust: 0.9

sources: VULHUB: VHN-1185 // BID: 88630 // CNNVD: CNNVD-199805-009 // NVD: CVE-1999-1204

CREDITS

Unknown

Trust: 0.3

sources: BID: 88630

SOURCES

db:VULHUBid:VHN-1185
db:BIDid:88630
db:CNNVDid:CNNVD-199805-009
db:NVDid:CVE-1999-1204

LAST UPDATE DATE

2024-11-22T20:22:16.532000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1185date:2017-10-10T00:00:00
db:BIDid:88630date:1998-05-11T00:00:00
db:CNNVDid:CNNVD-199805-009date:2006-01-04T00:00:00
db:NVDid:CVE-1999-1204date:2024-11-20T23:30:33.767

SOURCES RELEASE DATE

db:VULHUBid:VHN-1185date:1998-05-11T00:00:00
db:BIDid:88630date:1998-05-11T00:00:00
db:CNNVDid:CNNVD-199805-009date:1998-05-11T00:00:00
db:NVDid:CVE-1999-1204date:1998-05-11T04:00:00