Vulnerabilities > CVE-2000-0808 - Unspecified vulnerability in Checkpoint Firewall-1 3.0/4.0/4.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

checkpoint

NVD

Published: 2000-11-14

Updated: 2017-10-10

Summary

The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."

Vulnerable Configurations

Part	Description	Count
Application	Checkpoint Checkpoint Firewall 1 3.0 Checkpoint Firewall 1 4.0 Checkpoint Firewall 1 4.1	3

References

http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password
http://www.osvdb.org/4421
https://exchange.xforce.ibmcloud.com/vulnerabilities/5137