Remote Protocol Bypass Vulnerability in Check Point VPN-1/FireWall-1
CVE-2001-1158

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Firewall-1
Vendor: CVE Published:; 9 July 2001

What is CVE-2001-1158?

The vulnerability exists in Check Point's VPN-1/FireWall-1 version 4.1 due to a default macro, accept_fw1_rdp, which can be exploited by remote attackers. By sending crafted RDP headers to UDP port 259 on arbitrary hosts, attackers may bypass the intended restrictions, leading to unauthorized access. This issue highlights the importance of securing default configurations and regularly updating security measures to prevent exploitation.

References

http://www.securityfocus.com/bid/2952

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/bugtraq/2001-07/01...

mailing-listx_refsource_BUGTRAQ

http://www.checkpoint.com/techsupport/alerts/rdp.html

vendor-advisoryx_refsource_CHECKPOINT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Mar 15, 2002
Vulnerability published
Jul 9, 2001

Checkpoint

What is CVE-2001-1158?

References

Timeline