Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:CHKP:AUTH-FMT-STR |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Authentication Format String Attack |
Release Date |
2004/02/25 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Authentication Format String Attack
This signature detects attempts to exploit a known vulnerability in some Web servers and Web proxies. Attackers can send user authentication that includes format strings to crash some Web servers, thereby creating a denial-of-service condition or enabling the attackers to take control of the firewall as root.
Extended Description
Problems in the handling of some types of HTTP requests from remote users have been identified in Check Point Firewall-1 HTTP Application Intelligence and HTTP Security Server. Because of this, it is possible for a remote attacker to gain unauthorized access to a vulnerable system with administrative privileges.
Affected Products
- Check_point_software firewall-1 4.1.0
- Check_point_software firewall-1 4.1.0 SP1
- Check_point_software firewall-1 4.1.0 SP2
- Check_point_software firewall-1 4.1.0 SP3
- Check_point_software firewall-1 4.1.0 SP4
- Check_point_software firewall-1 4.1.0 SP5
- Check_point_software firewall-1 4.1.0 SP6
- Check_point_software firewall-1 R55W HFA3
- Check_point_software firewall-1
- Check_point_software next_generation FP1
- Check_point_software next_generation FP2
- Check_point_software next_generation FP3
- Check_point_software next_generation FP3 HF1
- Check_point_software next_generation FP3 HF2
- Check_point_software ng-ai R54
- Check_point_software ng-ai R55
- Check_point_software ng-ai
- Check_point_software nokia_voyager 4.1
References