Details of VAR-200001-0018

ID

VAR-200001-0018

CVE

CVE-2000-0116

TITLE

Check Point Firewall-1 Script tag check bypass vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200001-062

DESCRIPTION

Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. Firewall-1 includes the ability to alter script tags in HTML pages before passing them to the client's browser. This alteration invalidates the tag, rendering the script unexecutable by the browser. In version 3, this function can be bypassed by adding an extra opening angle bracket. The tag will be left unmodified, and the browser will be able to execute the contained script. Hostile script could lead to a remote compromise of the client system. Firewall-1 version 4 will alter the tag as expected

Trust: 1.26

sources: NVD: CVE-2000-0116 // BID: 954 // VULHUB: VHN-1695

AFFECTED PRODUCTS

vendor:	checkpoint	model:	firewall-1	scope:	eq	version:	3.0	Trust: 1.6
vendor:	check	model:	point software firewall-1	scope:	eq	version:	3.0	Trust: 0.3
vendor:	check	model:	point software firewall-1	scope:	ne	version:	4.0	Trust: 0.3

sources: BID: 954 // CNNVD: CNNVD-200001-062 // NVD: CVE-2000-0116

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2000-0116
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200001-062
value:	HIGH
Trust: 0.6
VULHUB:	VHN-1695
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2000-0116
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-1695
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-1695 // CNNVD: CNNVD-200001-062 // NVD: CVE-2000-0116

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0116

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200001-062

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200001-062

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-1695

EXTERNAL IDS

db:	BID	id:	954	Trust: 2.0
db:	NVD	id:	CVE-2000-0116	Trust: 1.7
db:	OSVDB	id:	1212	Trust: 1.7
db:	CNNVD	id:	CNNVD-200001-062	Trust: 0.7
db:	SEEBUG	id:	SSVID-73648	Trust: 0.1
db:	EXPLOIT-DB	id:	19732	Trust: 0.1
db:	VULHUB	id:	VHN-1695	Trust: 0.1

sources: VULHUB: VHN-1695 // BID: 954 // CNNVD: CNNVD-200001-062 // NVD: CVE-2000-0116

REFERENCES

url:	http://www.securityfocus.com/bid/954	Trust: 1.7
url:	http://www.osvdb.org/1212	Trust: 1.7
url:	-	Trust: 0.1

sources: VULHUB: VHN-1695 // CNNVD: CNNVD-200001-062 // NVD: CVE-2000-0116

CREDITS

Discovered and posted to Bugtraq by Arne Vidstrom <arne.vidstrom@ntsecurity.nu>.

Trust: 0.9

sources: BID: 954 // CNNVD: CNNVD-200001-062

SOURCES

db:	VULHUB	id:	VHN-1695
db:	BID	id:	954
db:	CNNVD	id:	CNNVD-200001-062
db:	NVD	id:	CVE-2000-0116

LAST UPDATE DATE

2024-08-14T14:59:35.801000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-1695	date:	2008-09-10T00:00:00
db:	BID	id:	954	date:	2000-01-29T00:00:00
db:	CNNVD	id:	CNNVD-200001-062	date:	2006-04-07T00:00:00
db:	NVD	id:	CVE-2000-0116	date:	2008-09-10T19:02:56.163

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-1695	date:	2000-01-29T00:00:00
db:	BID	id:	954	date:	2000-01-29T00:00:00
db:	CNNVD	id:	CNNVD-200001-062	date:	2000-01-29T00:00:00
db:	NVD	id:	CVE-2000-0116	date:	2000-01-29T05:00:00