var-200403-0026
Vulnerability from variot
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. A buffer overflow vulnerability exists in the Internet Security Association and Key Management Protocol (ISAKMP) implementation used in Check Point VPN-1, SecuRemote, and SecureClient products. An unauthenticated, remote attacker could execute arbitrary code with the privileges of the ISAKMP process, typically root or SYSTEM. Because of this, it is possible for a remote attacker to gain unauthorized access to vulnerable systems. Check Point Firewall-1 is a high-performance firewall, Checkpoint VPN-1 server and Checkpoint VPN client provide VPN access for remote client computers. The IKE component of these products allows non-directional or bi-directional authentication of two remote peers. The Checkpoint VPN-1 server and Checkpoint VPN client lack sufficient checks when handling large certificate loads. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and possibly control the firewall server with system privileges. Internet Key Exchange (IKE) is used for key negotiation and exchange during encrypted transmission or communication via VPN. The ISAKMP protocol is used for this exchange. Remote unauthenticated users trigger this vulnerability during the initial phase of IKE negotiation when various products such as VPN implementations lack sufficient bounds checks when processing ISAKMP packets containing very large certificate request payloads. Attackers do not need to interact with the target system to exploit this vulnerability, they only need to attack by sending UDP packets with forged source addresses. Successful exploitation of this vulnerability can directly control the entire firewall system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200403-0026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vpn-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "next_generation_fp1"
},
{
"model": "vpn-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "4.1"
},
{
"model": "vpn-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "next_generation_fp0"
},
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "4.1"
},
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "next_generation_fp1"
},
{
"model": "firewall-1",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "next_generation_fp0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "4.1"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp1"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp2"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp3"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp4"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "4.1sp5"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng fp1"
},
{
"model": "point software vpn-1 next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 next generation fp0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp5a",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software securemote",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software securemote",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software secureclient",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software secureclient",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.0"
},
{
"model": "point software firewall-1 next generation fp1",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 next generation fp0",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5a",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp5",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software vpn-1 next generation fp2",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1 sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
},
{
"model": "point software firewall-1 next generation fp2",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software firewall-1 sp6",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": "4.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#873334"
},
{
"db": "BID",
"id": "9582"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:checkpoint:vpn-1_firewall-1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mark Dowd\nNeel Mehta",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0040",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0040",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-8470",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0040",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#873334",
"trust": 0.8,
"value": "5.20"
},
{
"author": "NVD",
"id": "CVE-2004-0040",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200403-005",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-8470",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#873334"
},
{
"db": "VULHUB",
"id": "VHN-8470"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. A buffer overflow vulnerability exists in the Internet Security Association and Key Management Protocol (ISAKMP) implementation used in Check Point VPN-1, SecuRemote, and SecureClient products. An unauthenticated, remote attacker could execute arbitrary code with the privileges of the ISAKMP process, typically root or SYSTEM. Because of this, it is possible for a remote attacker to gain unauthorized access to vulnerable systems. Check Point Firewall-1 is a high-performance firewall, Checkpoint VPN-1 server and Checkpoint VPN client provide VPN access for remote client computers. The IKE component of these products allows non-directional or bi-directional authentication of two remote peers. The Checkpoint VPN-1 server and Checkpoint VPN client lack sufficient checks when handling large certificate loads. Remote attackers can exploit this vulnerability to carry out buffer overflow attacks and possibly control the firewall server with system privileges. Internet Key Exchange (IKE) is used for key negotiation and exchange during encrypted transmission or communication via VPN. The ISAKMP protocol is used for this exchange. Remote unauthenticated users trigger this vulnerability during the initial phase of IKE negotiation when various products such as VPN implementations lack sufficient bounds checks when processing ISAKMP packets containing very large certificate request payloads. Attackers do not need to interact with the target system to exploit this vulnerability, they only need to attack by sending UDP packets with forged source addresses. Successful exploitation of this vulnerability can directly control the entire firewall system",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0040"
},
{
"db": "CERT/CC",
"id": "VU#873334"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"db": "BID",
"id": "9582"
},
{
"db": "VULHUB",
"id": "VHN-8470"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#873334",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2004-0040",
"trust": 2.8
},
{
"db": "BID",
"id": "9582",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "3821",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "4432",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "10795",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005",
"trust": 0.7
},
{
"db": "XF",
"id": "14150",
"trust": 0.6
},
{
"db": "XF",
"id": "1",
"trust": 0.6
},
{
"db": "ISS",
"id": "20040204 CHECKPOINT VPN-1/SECURECLIENT ISAKMP BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "CIAC",
"id": "O-073",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040205 TWO CHECKPOINT FW-1/VPN-1 VULNS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8470",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#873334"
},
{
"db": "VULHUB",
"id": "VHN-8470"
},
{
"db": "BID",
"id": "9582"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"id": "VAR-200403-0026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8470"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T12:31:34.693000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "41_isakmp",
"trust": 0.8,
"url": "http://www.checkpoint.com/techsupport/alerts/41_isakmp.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://xforce.iss.net/xforce/alerts/id/163"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/9582"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/873334"
},
{
"trust": 1.7,
"url": "http://www.ciac.org/ciac/bulletins/o-073.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/3821"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/4432"
},
{
"trust": 1.1,
"url": "http://www.checkpoint.com/techsupport/alerts/41_isakmp.html"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14150"
},
{
"trust": 0.8,
"url": "http://www.checkpoint.com/corporate/iss.html"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/html.charters/ipsec-charter.html"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2408.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2409.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2412.txt"
},
{
"trust": 0.8,
"url": "http://www.research.ibm.com/security/skeme.ps"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/10795/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0040"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0040"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/14150"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=107604682227031\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/techsupport/"
},
{
"trust": 0.3,
"url": "/archive/1/352962"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#873334"
},
{
"db": "VULHUB",
"id": "VHN-8470"
},
{
"db": "BID",
"id": "9582"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#873334"
},
{
"db": "VULHUB",
"id": "VHN-8470"
},
{
"db": "BID",
"id": "9582"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-05T00:00:00",
"db": "CERT/CC",
"id": "VU#873334"
},
{
"date": "2004-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-8470"
},
{
"date": "2004-02-05T00:00:00",
"db": "BID",
"id": "9582"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"date": "2004-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"date": "2004-03-03T05:00:00",
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-12T00:00:00",
"db": "CERT/CC",
"id": "VU#873334"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-8470"
},
{
"date": "2009-07-12T02:06:00",
"db": "BID",
"id": "9582"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000033"
},
{
"date": "2006-01-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200403-005"
},
{
"date": "2017-10-10T01:30:16.580000",
"db": "NVD",
"id": "CVE-2004-0040"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point ISAKMP vulnerable to buffer overflow via Certificate Request",
"sources": [
{
"db": "CERT/CC",
"id": "VU#873334"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "9582"
},
{
"db": "CNNVD",
"id": "CNNVD-200403-005"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.