← back
CVE-2000-1037

CVE-2000-1037

EPSS 3.3%
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/20215unverifiedexploitdbwww.exploit-db.com/exploits/20216unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.securityfocus.com/archive/1/76389http://www.securityfocus.com/bid/1662