CVE-2005-4093
First published: Thu Dec 08 2005(Updated: )
Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Check Point SecureClient NG | =r56 | |
| Check Point VPN-1 SecureClient | =4.1 | |
| Check Point SecureClient NG | ||
| Check Point VPN-1 SecureClient | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.mail-archive.com/swinog@lists.swinog.ch/msg00798.html
- http://www.mail-archive.com/swinog@lists.swinog.ch/msg00799.html
- http://www.securityfocus.com/bid/15757
- http://securitytracker.com/id?1015326
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039634.html
- http://secunia.com/advisories/17837
- http://www.us.debian.org/security/2006/dsa-1237
- http://secunia.com/advisories/23395
- http://www.vupen.com/english/advisories/2005/2808
- http://www.mail-archive.com/swinog%40lists.swinog.ch/msg00798.html
- http://www.mail-archive.com/swinog%40lists.swinog.ch/msg00799.html
Frequently Asked Questions
What is the severity of CVE-2005-4093?
CVE-2005-4093 is considered to have a high severity as it allows remote attackers to bypass security policies.
How do I fix CVE-2005-4093?
To fix CVE-2005-4093, ensure that you are using the latest version of Check Point VPN-1 SecureClient or SecureClient NG with updated policy configurations.
What systems are affected by CVE-2005-4093?
CVE-2005-4093 affects Check Point VPN-1 SecureClient NG R56, NG FP1, 4.0, and 4.1 versions.
Can CVE-2005-4093 be exploited remotely?
Yes, CVE-2005-4093 can be exploited remotely by attackers who modify the local copy of the policy file.
What is the impact of CVE-2005-4093 on network security?
The impact of CVE-2005-4093 on network security is significant, as it allows attackers to bypass critical security policies.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/author
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-api
- vendor/checkpoint
- canonical/check point secureclient ng
- version/check point secureclient ng/r56
- canonical/check point vpn-1 secureclient
- version/check point vpn-1 secureclient/4.1
- version/check point vpn-1 secureclient/4.0