IP Address Enumeration Vulnerability in Check Point FireWall-1
CVE-2003-0757

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Firewall-1
Vendor: CVE Published:; 20 October 2003

Summary

Certain versions of Check Point FireWall-1, specifically 4.0 and 4.1 prior to Service Pack 5, are susceptible to an exposure that allows remote attackers to enumerate internal IP addresses. This is achieved by sending specific SecuRemote requests to TCP ports 256 or 264, which results in the internal IP addresses being leaked in the response packets. Such vulnerabilities can compromise the security of internal networks, enabling attackers to gain insights into potentially exploitable resources.

References

http://archives.neohapsis.com/archives/bugtraq/2003-09/00...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 20, 2003