Vulnerability Details CVE-2001-1158
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 88.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html
- http://ciac.llnl.gov/ciac/bulletins/l-109.shtml
- http://online.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-03-11&end=2002-03-17&mid=195647&threads=1
- http://www.cert.org/advisories/CA-2001-17.html
- http://www.checkpoint.com/techsupport/alerts/rdp.html
- http://www.kb.cert.org/vuls/id/310295
- http://www.osvdb.org/1884
- http://www.securityfocus.com/bid/2952
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6815
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.html
- http://ciac.llnl.gov/ciac/bulletins/l-109.shtml
- http://online.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-03-11&end=2002-03-17&mid=195647&threads=1
- http://www.cert.org/advisories/CA-2001-17.html
- http://www.checkpoint.com/techsupport/alerts/rdp.html
- http://www.kb.cert.org/vuls/id/310295
- http://www.osvdb.org/1884
- http://www.securityfocus.com/bid/2952
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6815
Products affected by CVE-2001-1158
-
cpe:2.3:a:checkpoint:firewall-1:4.1
-
cpe:2.3:a:checkpoint:firewall-1:4.1_build_41439