Vulnerabilities > CVE-2004-0039 - Remote Format String vulnerability in Multiple Check Point Firewall-1 HTTP Security Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Firewalls |
| NASL id | CHECKPOINT_FORMAT.NASL |
| description | The remote Check Point Firewall web server crashes when sent a specially formatted HTTP request. A remote attacker could use this to crash the web server, or possibly execute arbitrary code. This bug is a solid indicator that the server is vulnerable to several other Check Point FW-1 4.x bugs that Nessus did not check for. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 12084 |
| published | 2004-03-02 |
| reporter | This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/12084 |
| title | Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS) |
References
- http://marc.info/?l=bugtraq&m=107604682227031&w=2
- http://www.checkpoint.com/techsupport/alerts/security_server.html
- http://www.ciac.org/ciac/bulletins/o-072.shtml
- http://www.kb.cert.org/vuls/id/790771
- http://www.securityfocus.com/bid/9581
- http://www.us-cert.gov/cas/techalerts/TA04-036A.html
- http://xforce.iss.net/xforce/alerts/id/162
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14149