Remote Protocol Bypass Vulnerability in Check Point VPN-1/FireWall-1
CVE-2001-1158

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
9 July 2001

Summary

The vulnerability exists in Check Point's VPN-1/FireWall-1 version 4.1 due to a default macro, accept_fw1_rdp, which can be exploited by remote attackers. By sending crafted RDP headers to UDP port 259 on arbitrary hosts, attackers may bypass the intended restrictions, leading to unauthorized access. This issue highlights the importance of securing default configurations and regularly updating security measures to prevent exploitation.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.