Details of VAR-200412-0732

ID

VAR-200412-0732

CVE

CVE-2004-2679

TITLE

Check Point Firewall-1 Internet Key Exchange Information Disclosure Vulnerability

Trust: 0.9

sources: BID: 10558 // CNNVD: CNNVD-200412-941

DESCRIPTION

Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. This issue is due to a design error that may present sensitive information to an attacker. An attacker can leverage this issue to disclose information about the affected firewall product including the version number and various details about the firewall's capabilities. Furthermore this issue would facilitate fingerprinting or identifying a firewall by carrying out active scans. There are vulnerabilities in Check Point Firewall-1 version 4.1 up to NG AI R55

Trust: 1.26

sources: NVD: CVE-2004-2679 // BID: 10558 // VULHUB: VHN-11107

AFFECTED PRODUCTS

vendor:	checkpoint	model:	firewall-1	scope:	eq	version:	4.0	Trust: 1.6
vendor:	checkpoint	model:	firewall-1	scope:	eq	version:	4.1	Trust: 1.6
vendor:	checkpoint	model:	firewall-1	scope:	eq	version:	r55	Trust: 1.0
vendor:	check	model:	point software nokia voyager	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software ng-ai r55	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software ng-ai r54	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software ng-ai	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software next generation fp3 hf2	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software next generation fp3 hf1	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software next generation fp3	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software next generation fp2	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software next generation fp1	scope:	-	version:	-	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp6	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp5a	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp5	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp4	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp3	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp8	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp7	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp6	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp5	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp4	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp3	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp2	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1 sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	check	model:	point software firewall-1	scope:	eq	version:	4.0	Trust: 0.3

sources: BID: 10558 // CNNVD: CNNVD-200412-941 // NVD: CVE-2004-2679

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-2679
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200412-941
value:	HIGH
Trust: 0.6
VULHUB:	VHN-11107
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-2679
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-11107
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-11107 // CNNVD: CNNVD-200412-941 // NVD: CVE-2004-2679

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2679

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-941

TYPE

Design Error

Trust: 0.9

sources: BID: 10558 // CNNVD: CNNVD-200412-941

EXTERNAL IDS

db:	BID	id:	10558	Trust: 2.0
db:	NVD	id:	CVE-2004-2679	Trust: 1.7
db:	CNNVD	id:	CNNVD-200412-941	Trust: 0.7
db:	FULLDISC	id:	20040616 CHECKPOINT FIREWALL-1 IKE VENDOR ID INFORMATION LEAKAGE	Trust: 0.6
db:	XF	id:	16434	Trust: 0.6
db:	XF	id:	1	Trust: 0.6
db:	VULHUB	id:	VHN-11107	Trust: 0.1

sources: VULHUB: VHN-11107 // BID: 10558 // CNNVD: CNNVD-200412-941 // NVD: CVE-2004-2679

REFERENCES

url:	http://www.securityfocus.com/bid/10558	Trust: 1.7
url:	http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html	Trust: 1.7
url:	http://www.nta-monitor.com/news/checkpoint2004/index.htm	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/16434	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/16434	Trust: 0.6
url:	http://www.checkpoint.com/products/security/firewall-1.html	Trust: 0.3
url:	/archive/1/366264	Trust: 0.3

sources: VULHUB: VHN-11107 // BID: 10558 // CNNVD: CNNVD-200412-941 // NVD: CVE-2004-2679

CREDITS

Disclosure of this issue is credited to Roy Hills <Roy.Hills@nta-monitor.com>.

Trust: 0.9

sources: BID: 10558 // CNNVD: CNNVD-200412-941

SOURCES

db:	VULHUB	id:	VHN-11107
db:	BID	id:	10558
db:	CNNVD	id:	CNNVD-200412-941
db:	NVD	id:	CVE-2004-2679

LAST UPDATE DATE

2024-08-14T12:48:47.647000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-11107	date:	2017-07-29T00:00:00
db:	BID	id:	10558	date:	2004-06-16T00:00:00
db:	CNNVD	id:	CNNVD-200412-941	date:	2007-02-28T00:00:00
db:	NVD	id:	CVE-2004-2679	date:	2017-07-29T01:29:16.310

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-11107	date:	2004-12-31T00:00:00
db:	BID	id:	10558	date:	2004-06-16T00:00:00
db:	CNNVD	id:	CNNVD-200412-941	date:	2004-12-31T00:00:00
db:	NVD	id:	CVE-2004-2679	date:	2004-12-31T05:00:00