IP Address Enumeration Vulnerability in Check Point FireWall-1
CVE-2003-0757

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
20 October 2003

Summary

Certain versions of Check Point FireWall-1, specifically 4.0 and 4.1 prior to Service Pack 5, are susceptible to an exposure that allows remote attackers to enumerate internal IP addresses. This is achieved by sending specific SecuRemote requests to TCP ports 256 or 264, which results in the internal IP addresses being leaked in the response packets. Such vulnerabilities can compromise the security of internal networks, enabling attackers to gain insights into potentially exploitable resources.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.