Check Point FireWall-1 login
| fw1-login-response (5816) |  Low Risk |
Description:
A vulnerability in the authentication mechanism in Check Point FireWall-1 could allow a remote attacker to determine valid usernames on the firewall. Firewall-1 displays different error messages for invalid usernames as opposed to invalid passwords. If a remote attacker determines a valid username, the attacker could use brute force methods to determine the password and gain access to the firewall.
Platforms Affected:
- CheckPoint, FireWall-1 3.0
- CheckPoint, FireWall-1 4.0
Remedy:
No remedy available as of July 4, 2009.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Thu Nov 02 2000 - 07:01:53 CST, Re: Samba 2.0.7 SWAT vulnerabilities at http://archives.neohapsis.com/archives/bugtraq/2000-11/0030.html.
- BID-1890: Checkpoint Firewall-1 Valid Username Vulnerability
- CVE-2000-1032: The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall.
- OSVDB ID: 1632: Check Point FireWall-1 Valid Username Information Disclosure
Reported:
Nov 01, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net