Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Firewall)  >   FireWall-1/VPN-1 Vendors:   Check Point
Check Point FireWall-1 HTTP Request Smuggling May Let Remote Users Bypass Web Intelligence Features
SecurityTracker Alert ID:  1014357
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 2 2005
Impact:   Host/resource access via network
Fix Available:  Yes  Exploit Included:  Yes  
Version(s): FP4-R55W beta
Description:   A vulnerability was reported in Check Point FireWall-1. A remote user can conduct HTTP request smuggling attacks.

A remote user can submit a specially crafted HTTP request with two 'Content-Length' headers to embedded a malicious request within another request. This can be exploited to bypass some of the Web Intelligence security features, such as the worm catcher, directory traversal, maximum URL length, XSS, URI resource, and command injection protection mechanisms.

This vulnerability was reported by Watchfire.

A description of HTTP request smuggling attacks is available at: equest-Smuggling.pdf

Impact:   A remote user may be able to bypass some of the Web Intelligence security features.
Solution:   The report indicates that the vendor may have issued a fix as part of R55W or a separate patch.

[Editor's note: The vendor's public web site does not reference this vulnerability.]

Vendor URL: (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC