Check Point Endpoint Security Server Information Disclosure

medium Nessus Plugin ID 52016

Synopsis

The remote web server hosts an application that is affected by an information disclosure vulnerability.

Description

Check Point Endpoint Security Server or Integrity Server appears to be running on the remote system. The installed version exposes certain private directories, which contain sensitive information such as SSL private keys, configuration files, and certain application binaries.

An unauthenticated, remote attacker can leverage this issue to download SSL private keys and perform Man-in-the-Middle (MITM) attacks or launch other attacks based on the information obtained from the configuration files.

Solution

Apply the appropriate vendor patch.

See Also

http://www.rapid7.com/security-center/advisories/R7-0038.jsp

https://seclists.org/fulldisclosure/2011/Feb/118

http://www.nessus.org/u?d195fdf8

Plugin Details

Severity: Medium

ID: 52016

File Name: checkpoint_ess_info_disclosure.nasl

Version: 1.13

Type: remote

Family: CGI abuses

Published: 2/17/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

Required KB Items: installed_sw/Apache

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/29/2010

Vulnerability Publication Date: 2/7/2011

Reference Information

BID: 46224

Secunia: 43219