Sign-up

ID

VAR-200012-0098


CVE

CVE-2000-1037


TITLE

Check Point Firewall-1 Session Agent Directory attack vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200012-078

DESCRIPTION

Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. A vulnerability exists in all versions of the Check Point Session Agent, part of Firewall-1. Session Agent works in such a way that the firewall will establish a connection back to the client machine. Upon doing so, it will prompt for a username, and if the username exists, a password. Upon failure, it will reprompt indefinitely. This allows for a simple brute force attack against the username and password

Trust: 1.26

sources: NVD: CVE-2000-1037 // BID: 1662 // VULHUB: VHN-2607

AFFECTED PRODUCTS

vendor:checkpointmodel:firewall-1scope:eqversion:4.0

Trust: 1.6

vendor:checkpointmodel:firewall-1scope:eqversion:3.0

Trust: 1.6

vendor:checkpointmodel:firewall-1scope:eqversion:4.1

Trust: 1.6

vendor:checkmodel:point software firewall-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:3.0

Trust: 0.3

sources: BID: 1662 // CNNVD: CNNVD-200012-078 // NVD: CVE-2000-1037

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-1037
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200012-078
value: HIGH

Trust: 0.6

VULHUB: VHN-2607
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2000-1037
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-2607
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-2607 // CNNVD: CNNVD-200012-078 // NVD: CVE-2000-1037

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-1037

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200012-078

TYPE

Design Error

Trust: 0.9

sources: BID: 1662 // CNNVD: CNNVD-200012-078

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-2607

EXTERNAL IDS
db:NVDid:CVE-2000-1037
Trust: 2.0
db:BIDid:1662
Trust: 2.0
db:CNNVDid:CNNVD-200012-078
Trust: 0.7
db:BUGTRAQid:20000815 FIREWALL-1 SESSION AGENT 3.0 -> 4.1, DICTIONNARY AND BRUTE FORCE ATTACK
Trust: 0.6
db:EXPLOIT-DBid:20216
Trust: 0.1
db:EXPLOIT-DBid:20215
Trust: 0.1
db:SEEBUGid:SSVID-74101
Trust: 0.1
db:SEEBUGid:SSVID-74102
Trust: 0.1
db:VULHUBid:VHN-2607
Trust: 0.1
sources:
            
            
            VULHUB: VHN-2607 // 
            
            
            
            BID: 1662 // 
            
            
            
            CNNVD: CNNVD-200012-078 // 
            
            
            
            NVD: CVE-2000-1037

REFERENCES
url:http://www.securityfocus.com/bid/1662
Trust: 1.7
url:http://www.securityfocus.com/archive/1/76389
Trust: 1.7
url:http://www.checkpoint.com/techsupport/
Trust: 0.3
url:http://www.checkpoint.com/products/security/firewall-1.html
Trust: 0.3
url:http://www.checkpoint.com/techsupport/alerts/list_vun.html
Trust: 0.3
sources:
            
            
            VULHUB: VHN-2607 // 
            
            
            
            BID: 1662 // 
            
            
            
            CNNVD: CNNVD-200012-078 // 
            
            
            
            NVD: CVE-2000-1037

CREDITS
This vulnerability was posted to the Bugtraq mailing list on August 15, 2000 by gregory duchemin <c3rb3r@hotmail.com>
Trust: 0.9
sources:
            
            
            BID: 1662 // 
            
            
            
            CNNVD: CNNVD-200012-078

SOURCES
db:VULHUBid:VHN-2607
db:BIDid:1662
db:CNNVDid:CNNVD-200012-078
db:NVDid:CVE-2000-1037

LAST UPDATE DATE
2024-08-14T13:51:35.199000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-2607date:2008-09-05T00:00:00
db:BIDid:1662date:2009-07-11T02:56:00
db:CNNVDid:CNNVD-200012-078date:2005-10-20T00:00:00
db:NVDid:CVE-2000-1037date:2008-09-05T20:22:29.730

SOURCES RELEASE DATE
db:VULHUBid:VHN-2607date:2000-12-11T00:00:00
db:BIDid:1662date:2000-08-15T00:00:00
db:CNNVDid:CNNVD-200012-078date:2000-12-11T00:00:00
db:NVDid:CVE-2000-1037date:2000-12-11T05:00:00