Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0770Checkpoint Firewall-1 vulnerability

4 documents4 sources
Severity
2.1LOWNVD
EPSS
0.6%
top 29.82%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Checkpoint Firewall-1
Timeline
PublishedJul 29
Latest updateApr 30

Description

Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDcheckpoint/firewall-13.0, 4.0+1

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-cmfr-w36g-hm8h: Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service vi2022-04-30
CVEList
CVE-1999-0770: Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service vi2000-01-18

💥Exploits & PoCs

1
Exploit-DB
Check Point Software Firewall-1 3.0/1 4.0 - Table Saturation Denial of Service1999-07-29
CVE-1999-0770 — Checkpoint Firewall-1 vulnerability | cvebase