Details of VAR-200507-0210

ID

VAR-200507-0210

CVE

CVE-2005-2313

TITLE

Check Point SecuRemote NG Privilege escalation vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200507-231

DESCRIPTION

Check Point SecuRemote NG with Application Intelligence R54 allows attackers to obtain credentials and gain privileges via unknown attack vectors. Check Point SecuRemote NG is affected by a local information disclosure vulnerability. This issue may allow an attacker to disclose authentication credentials used to access the VPN application. An attacker could use the information gathered through the exploitation of this vulnerability to gain access to or carry out other attacks against an affected computer or the network protected by the VPN. SecuRemoteNG is Check Point's firewall and VPN system

Trust: 1.26

sources: NVD: CVE-2005-2313 // BID: 14221 // VULHUB: VHN-13522

AFFECTED PRODUCTS

vendor:	checkpoint	model:	secureclient ng	scope:	eq	version:	r54	Trust: 0.6
vendor:	check	model:	point software securemote ng with application intelligence r54	scope:	-	version:	-	Trust: 0.3

sources: BID: 14221 // CNNVD: CNNVD-200507-231

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2313
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200507-231
value:	HIGH
Trust: 0.6
VULHUB:	VHN-13522
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-2313
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13522
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13522 // CNNVD: CNNVD-200507-231 // NVD: CVE-2005-2313

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2313

THREAT TYPE

local

Trust: 0.9

sources: BID: 14221 // CNNVD: CNNVD-200507-231

TYPE

Design Error

Trust: 0.9

sources: BID: 14221 // CNNVD: CNNVD-200507-231

EXTERNAL IDS

db:	BID	id:	14221	Trust: 2.0
db:	NVD	id:	CVE-2005-2313	Trust: 1.7
db:	CNNVD	id:	CNNVD-200507-231	Trust: 0.7
db:	VULHUB	id:	VHN-13522	Trust: 0.1

sources: VULHUB: VHN-13522 // BID: 14221 // CNNVD: CNNVD-200507-231 // NVD: CVE-2005-2313

REFERENCES

url:	http://www.securityfocus.com/bid/14221	Trust: 1.7
url:	http://www.checkpoint.com/techsupport/	Trust: 0.3

sources: VULHUB: VHN-13522 // BID: 14221 // CNNVD: CNNVD-200507-231 // NVD: CVE-2005-2313

CREDITS

Discovery is credited to Sylvain ROGER <sylvain.roger@solucom.fr>.

Trust: 0.9

sources: BID: 14221 // CNNVD: CNNVD-200507-231

SOURCES

db:	VULHUB	id:	VHN-13522
db:	BID	id:	14221
db:	CNNVD	id:	CNNVD-200507-231
db:	NVD	id:	CVE-2005-2313

LAST UPDATE DATE

2024-08-14T15:36:04.511000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13522	date:	2008-09-05T00:00:00
db:	BID	id:	14221	date:	2005-07-12T00:00:00
db:	CNNVD	id:	CNNVD-200507-231	date:	2006-01-04T00:00:00
db:	NVD	id:	CVE-2005-2313	date:	2008-09-05T20:51:26.897

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13522	date:	2005-07-19T00:00:00
db:	BID	id:	14221	date:	2005-07-12T00:00:00
db:	CNNVD	id:	CNNVD-200507-231	date:	2005-07-19T00:00:00
db:	NVD	id:	CVE-2005-2313	date:	2005-07-19T04:00:00