CVE-2002-2405

Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-2405
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
checkpoint / firewall-1	4.1	4.1.x
checkpoint / firewall-1	ng	ng.x

http://archives.neohapsis.com/archives/bugtraq/2002-09/0219.html
http://www.iss.net/security_center/static/10139.php
http://www.securityfocus.com/bid/5744

Vulnerability Database

289,697

CVE-2002-2405