Back to search
CVE-2008-1397
Published: Mar 20, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://puresecurity.com.au/index.php?action=fullnews&id=5
x_refsource_MISC
28299
vdb-entry
x_refsource_BID
VU#992585
third-party-advisory
x_refsource_CERT-VN
29394
third-party-advisory
x_refsource_SECUNIA
1019666
vdb-entry
x_refsource_SECTRACK
ADV-2008-0953
vdb-entry
x_refsource_VUPEN
vpn1-ipaddress-dos(41260)
vdb-entry
x_refsource_XF
https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk34579
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now