OSVDB ID: 85703

Title: Check Point Firewall / VPN-1 Pre-authentication Topology Request SmartHost Remote Disclosure

Info

Disclosure

Mar 12, 2012

Discovery

Dec 14, 2011

Dates

Exploit

Dec 21, 2011

Solution

Mar 18, 2012

Description

Check Point Firewall and VPN-1 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a certain query is to the TCP Port 264. This will retrieve the firewall name and management station (such as the SmartCenter) via a pre-authentication topology request.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Vendor Disputed
OSVDB: Security Software

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Check Point Software Technologies Ltd.	Check Point Firewall / VPN-1	NGX R65
		NGX R71

References

Security Tracker: 1026786
Bugtraq ID: 52430
Mail List Post: http://seclists.org/bugtraq/2012/Mar/49
Vendor URL: http://www.checkpoint.com/
Generic Exploit URL: http://www.metasploit.com/modules/auxiliary/gather/checkpoint_hostname
Other Advisory URL: http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure
Vendor Specific Solution URL: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk69360

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/85703

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Check Point Software Technologies Ltd.

Check Point Firewall / VPN-1

References

Credit