CVE-2008-1397

Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint.

Published: Mar 20, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1397
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
checkpoint / vpn-1_power_utm_with_ngx	r65	r65.x
checkpoint / check_point_vpn-1_pro	ngx_r61	ngx_r61.x
checkpoint / vpn-1	ngx_r60	ngx_r60.x
checkpoint / vpn-1_power_utm	ngx_r65_with_messaging_security	ngx_r65_with_messaging_security.x
checkpoint / vpn-1_firewall-1	ng_ai_r55	ng_ai_r55.x
checkpoint / check_point_vpn-1_pro	ngx_r62_ga	ngx_r62_ga.x

http://puresecurity.com.au/index.php?action=fullnews&id=5
http://secunia.com/advisories/29394
http://www.kb.cert.org/vuls/id/992585
http://www.puresecurity.com.au/files/PureSecurity%20VPN-1%20DoS_Spoofing%20Attack%20against%20VPN%20tunnels.pdf
http://www.securityfocus.com/bid/28299
http://www.securitytracker.com/id?1019666
http://www.vupen.com/english/advisories/2008/0953/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41260
https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk34579

Vulnerability Database

289,697

CVE-2008-1397