Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.

Synopsis :

The remote web server has a denial of service vulnerability.

Description :

The remote Check Point Firewall web server crashes when sent a
specially formatted HTTP request. A remote attacker could use this to
crash the web server, or possibly execute arbitrary code.

This bug is a solid indicator that the server is vulnerable to several
other Check Point FW-1 4.x bugs that Nessus did not check for.

See also :

Solution :

Apply the configurationn change referenced in the vendor's advisory.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.4
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 12084 (checkpoint_format.nasl)

Bugtraq ID: 10820

CVE ID: CVE-2004-0039