CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
79.6%
Check Point Firewall CIFS service group may allow unintended traffic to pass through the firewall.
Check Point Firewall contains a set of predefined service groups designed to handle different types of traffic associated with a service or collection of protocols. For instance, Check Point firewalls contain a predefined collection of rules to handle traffic associated with the Common Internet File System (CIFS), known as the CIFS service group.
A flaw in CIFS service group implementation may cause traffic not designated as part of the CIFS service group to be handled in an unintended manner. Depending on the configuration of the rules in place, the firewall may allow unintended traffic to pass through the firewall or drop legitimate traffic at the firewall.
Under certain configurations, arbitrary packets may pass through the firewall. This may allow access to hosts that would normally be protected behind the firewall boundary. Additionally, in other configurations, this issue may cause the firewall to deny all traffic.
Check Point suggests changing the name of the CIFS service group to mitigate this issue. For more detailed information on this workaround, please refer to Check Point SecureKnowledge database article SK31196.
508209
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: September 13, 2005 Updated: September 19, 2005
Affected
For more detailed information on this issue, please refer to Check Point SecureKnowledge database article SK31196 on:.
<http://secureknowledge.us.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?id=sk31196>
The vendor has not provided us with any further information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was publicly reported by fitz.
This document was written by Jeff Gennari.
CVE IDs: | CVE-2005-2889 |
---|---|
Severity Metric: | 4.39 Date Public: |