>> Check Point FireWall-1 PKI Web Service Remote Directory Traversal Vulnerability
Title : Check Point FireWall-1 PKI Web Service Remote Directory Traversal Vulnerability VUPEN ID : VUPEN/ADV-2006-2965 CVE ID : CVE-2006-3885
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-07-25
Technical Description
A vulnerability has been identified in CheckPoint FireWall-1, which could be exploited by remote attackers to gain unauthorized access to arbitrary files on a vulnerable system. This flaw is due to an input validation error in the built-in web server (port 18264/tcp) when handling specially crafted HTTP requests containing encoded characters, which could be exploited by remote unauthenticated attackers to access and read the contents of arbitrary files.
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
