exploitDog

CVE-2008-5849

Опубликовано: 06 янв. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:checkpoint:vpn-1:r55:*:*:*:*:*:*:*

cpe:2.3:a:checkpoint:vpn-1:r65:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00516

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2fwx-xc3r-67p8

github

больше 3 лет назад

Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264.

EPSS

Процентиль: 66%

0.00516

Низкий

5 Medium

CVSS2

Дефекты

CWE-200