Sign-up

ID

VAR-200109-0040


CVE

CVE-2001-0940


TITLE

Check Point Firewall-1 GUI Log Viewer Vulnerability

Trust: 0.9

sources: BID: 3336 // CNNVD: CNNVD-200109-120

DESCRIPTION

Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name. Firewall-1 is a popular stateful-inspection firewall. It has been reported that Firewall-1 may contain a buffer overflow vulnerability. The vulnerability is allegedly in logging of authentication attempts by GUI log viewing clients. The attack must be launched from hosts who are permitted to view logs via the GUI interface. This vulnerability is present only in the Windows NT and 2000 versions of the product

Trust: 1.98

sources: NVD: CVE-2001-0940 // JVNDB: JVNDB-2001-000142 // BID: 3336 // VULHUB: VHN-3747

AFFECTED PRODUCTS

vendor:checkpointmodel:firewall-1scope:eqversion:4.0

Trust: 1.6

vendor:checkpointmodel:firewall-1scope:eqversion:4.1

Trust: 1.6

vendor:check pointmodel:vpn-1/firewall-1scope:lteversion:4.0sp8

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:lteversion:4.1sp5

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng hotfix 2

Trust: 0.8

vendor:checkmodel:point software nokia voyagerscope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.1

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp8scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp7scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp6scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp5scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp4scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp3scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp2scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1 sp1scope:eqversion:4.0

Trust: 0.3

vendor:checkmodel:point software firewall-1scope:eqversion:4.0

Trust: 0.3

sources: BID: 3336 // JVNDB: JVNDB-2001-000142 // CNNVD: CNNVD-200109-120 // NVD: CVE-2001-0940

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2001-0940
value: HIGH

Trust: 1.0

NVD: CVE-2001-0940
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200109-120
value: HIGH

Trust: 0.6

VULHUB: VHN-3747
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2001-0940
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-3747
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-3747 // JVNDB: JVNDB-2001-000142 // CNNVD: CNNVD-200109-120 // NVD: CVE-2001-0940

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0940

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200109-120

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200109-120

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2001-000142

PATCH
title:2001-09-19-00url:http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2001-000142

EXTERNAL IDS
db:BIDid:3336
Trust: 2.8
db:NVDid:CVE-2001-0940
Trust: 2.5
db:OSVDBid:1951
Trust: 1.7
db:JVNDBid:JVNDB-2001-000142
Trust: 0.8
db:CNNVDid:CNNVD-200109-120
Trust: 0.7
db:CHECKPOINTid:20010919 GUI BUFFER OVERFLOW
Trust: 0.6
db:XFid:7145
Trust: 0.6
db:XFid:1
Trust: 0.6
db:BUGTRAQid:20011130 FW: FIREWALL-1 REMOTE SYSTEM SHELL BUFFER OVERFLOW
Trust: 0.6
db:BUGTRAQid:20011128 FIREWALL-1 REMOTE SYSTEM SHELL BUFFER OVERFLOW
Trust: 0.6
db:BUGTRAQid:20010919 CHECK POINT FIREWALL-1 GUI LOG VIEWER VULNERABILITY (VULDB 3336)
Trust: 0.6
db:WIN2KSECid:20010921 CHECK POINT FIREWALL-1 GUI BUFFER OVERFLOW
Trust: 0.6
db:VULHUBid:VHN-3747
Trust: 0.1
sources:
            
            
            VULHUB: VHN-3747 // 
            
            
            
            BID: 3336 // 
            
            
            
            JVNDB: JVNDB-2001-000142 // 
            
            
            
            CNNVD: CNNVD-200109-120 // 
            
            
            
            NVD: CVE-2001-0940

REFERENCES
url:http://www.securityfocus.com/bid/3336
Trust: 2.5
url:http://www.checkpoint.com/techsupport/alerts/buffer_overflow.html
Trust: 2.0
url:http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00291.html
Trust: 1.7
url:http://www.osvdb.org/1951
Trust: 1.7
url:http://archives.neohapsis.com/archives/win2ksecadvice/2001-q3/0151.html
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=100094268017271&w=2
Trust: 1.1
url:http://marc.info/?l=bugtraq&m=100698954308436&w=2
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/7145
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0940
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0940
Trust: 0.8
url:http://marc.theaimsgroup.com/?l=bugtraq&m=100698954308436&w=2
Trust: 0.6
url:http://xforce.iss.net/static/7145.php
Trust: 0.6
url:http://marc.theaimsgroup.com/?l=bugtraq&m=100094268017271&w=2
Trust: 0.6
url:http://www.checkpoint.com/techsupport/
Trust: 0.3
url:http://www.checkpoint.com/products/security/firewall-1.html
Trust: 0.3
sources:
            
            
            VULHUB: VHN-3747 // 
            
            
            
            BID: 3336 // 
            
            
            
            JVNDB: JVNDB-2001-000142 // 
            
            
            
            CNNVD: CNNVD-200109-120 // 
            
            
            
            NVD: CVE-2001-0940

CREDITS
This vulnerability was initially discovered by the QinetiQ SHC Security Research Team, and was announced by <indig0@talk21.com>.
Trust: 0.9
sources:
            
            
            BID: 3336 // 
            
            
            
            CNNVD: CNNVD-200109-120

SOURCES
db:VULHUBid:VHN-3747
db:BIDid:3336
db:JVNDBid:JVNDB-2001-000142
db:CNNVDid:CNNVD-200109-120
db:NVDid:CVE-2001-0940

LAST UPDATE DATE
2024-08-14T12:44:08.418000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-3747date:2017-10-10T00:00:00
db:BIDid:3336date:2001-09-12T00:00:00
db:JVNDBid:JVNDB-2001-000142date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200109-120date:2005-05-02T00:00:00
db:NVDid:CVE-2001-0940date:2017-10-10T01:29:56.797

SOURCES RELEASE DATE
db:VULHUBid:VHN-3747date:2001-09-21T00:00:00
db:BIDid:3336date:2001-09-12T00:00:00
db:JVNDBid:JVNDB-2001-000142date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200109-120date:2001-09-21T00:00:00
db:NVDid:CVE-2001-0940date:2001-09-21T04:00:00