Описание
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0662
- https://usercenter.checkpoint.com/usercenter/portal/user/anon/page/supportCenter.psml
- http://digihax.com
- http://secunia.com/advisories/28820
- http://securityreason.com/securityalert/3627
- http://www.securityfocus.com/archive/1/487735/100/0/threaded
- http://www.securityfocus.com/bid/27675
- http://www.securitytracker.com/id?1019317
- http://www.vupen.com/english/advisories/2008/0475
Связанные уязвимости
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.