Check Point Firewall-1内部地址泄漏漏洞

漏洞信息详情

Check Point Firewall-1内部地址泄漏漏洞

• CNNVD编号：CNNVD-200003-023
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0181
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2000-03-11
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-01-04
  
• 厂        商：
  
  checkpoint
• 漏洞来源：
  This vulnerability…

Firewall-1 3.0版本和4.0版本泄漏私人IP地址信息。远程攻击者利用此漏洞可以确定正在连接的主机的真正IP地址。

It has been reported that a service pack has been released by Checkpoint to address this problem. For FW-1 4.0, this is SP5. It is available at their website.
A suitable solution may be to establish egress filtering. Information can be found on this subject at:
http://www.sans.org/y2k/egress.htm
Check Point Software Firewall-1 4.0

• Check Point Software SP5
  
  http://www.checkpoint.com

来源: BID
名称: 1054
链接:http://www.securityfocus.com/bid/1054

来源: OSVDB
名称: 1256
链接:http://www.osvdb.org/1256

来源: BUGTRAQ
名称: 20000311 Our old friend Firewall-1
链接:http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html