Check Point Firewall-1 Internal Certificate Authority (ICA) Information Disclosure
OSVDB ID: 31592Disclosure Date: Jan 1, 2006
Description:
Check Point Firewall-1 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker connects to port 18264 and accesses the internal certificate for the server, revealing the presence of the firewall. This may also disclose certificate revocation lists and other information resulting in a loss of confidentiality.
Vulnerability Classification:
Remote/Network Access Required
Information Disclosure Attack
Loss Of Confidentiality
Exploit Available
Verified
Concern
Web Related
Products:
Check Point Software Technologies, Inc. FireWall-1 Unknown or Unspecified
Solution:
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Restrict access to the Internal Certificate Authority interface to internal hosts.
Manual Testing Notes:
http://[target]:18264/
External References:
Nessus Script ID: 22094
Vendor URL: http://www.checkpoint.com/products/firewall-1/index.html
Credit:
OSVDB does not have information on who discovered this vulnerability. If you have credit information please send it to OSVDB Moderators
Vulnerability Status:
This entry was last updated on Feb 14, 2007. If you have additional information or corrections for this vulnerability please submit them to OSVDB Moderators.
Labels: Advisory, Firewall, Vulnerability
<< Home