Vulnerability Details CVE-2005-4093
Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.095
EPSS Ranking 92.5%
CVSS Severity
CVSS v2 Score 6.5
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039634.html
- http://secunia.com/advisories/17837
- http://secunia.com/advisories/23395
- http://securitytracker.com/id?1015326
- http://www.mail-archive.com/swinog%40lists.swinog.ch/msg00798.html
- http://www.mail-archive.com/swinog%40lists.swinog.ch/msg00799.html
- http://www.securityfocus.com/bid/15757
- http://www.us.debian.org/security/2006/dsa-1237
- http://www.vupen.com/english/advisories/2005/2808
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039634.html
- http://secunia.com/advisories/17837
- http://secunia.com/advisories/23395
- http://securitytracker.com/id?1015326
- http://www.mail-archive.com/swinog%40lists.swinog.ch/msg00798.html
- http://www.mail-archive.com/swinog%40lists.swinog.ch/msg00799.html
- http://www.securityfocus.com/bid/15757
- http://www.us.debian.org/security/2006/dsa-1237
- http://www.vupen.com/english/advisories/2005/2808
Products affected by CVE-2005-4093
-
cpe:2.3:a:checkpoint:secureclient_ng:*
-
cpe:2.3:a:checkpoint:secureclient_ng:r56
-
cpe:2.3:a:checkpoint:vpn-1_secureclient:4.0
-
cpe:2.3:a:checkpoint:vpn-1_secureclient:4.1