Remote Protocol Bypass Vulnerability in Check Point VPN-1/FireWall-1
CVE-2001-1158

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Firewall-1
Vendor: CVE Published:; 9 July 2001

Summary

The vulnerability exists in Check Point's VPN-1/FireWall-1 version 4.1 due to a default macro, accept_fw1_rdp, which can be exploited by remote attackers. By sending crafted RDP headers to UDP port 259 on arbitrary hosts, attackers may bypass the intended restrictions, leading to unauthorized access. This issue highlights the importance of securing default configurations and regularly updating security measures to prevent exploitation.

References

http://www.securityfocus.com/bid/2952

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/bugtraq/2001-07/01...

mailing-listx_refsource_BUGTRAQ

http://www.checkpoint.com/techsupport/alerts/rdp.html

vendor-advisoryx_refsource_CHECKPOINT

Timeline

Vulnerability Reserved
Mar 15, 2002
Vulnerability published
Jul 9, 2001