VAR-200802-0381
Vulnerability from variot - Updated: 2024-02-22 22:49The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials. Check Point VPN-1 SecureClient/SecuRemote client for Microsoft Windows is prone to an information-disclosure vulnerability because it fails to protect users' login credentials. Attackers can exploit this issue to harvest VPN login credentials and gain unauthorized access to networks and resources protected by the VPN. This may lead to further attacks.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: VPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56 Information Disclosure
SECUNIA ADVISORY ID: SA28820
VERIFY ADVISORY: http://secunia.com/advisories/28820/
CRITICAL: Less critical
IMPACT: Exposure of sensitive information
WHERE: Local system
SOFTWARE: Check Point VPN-1 SecureClient http://secunia.com/product/2966/ Check Point VPN-1 SecuRemote http://secunia.com/product/2180/
DESCRIPTION: A vulnerability has been reported in VPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56, which can be exploited by malicious, local users to disclose sensitive information.
The vulnerability is caused due to the application storing user credentials within the Windows registry (HKLM\Software\Checkpoint\SecuRemote, subkey "Credentials") without proper permission settings. This can be exploited to disclose and use the credentials of other users.
Successful exploitation reportedly requires that caching of credentials is enabled.
The vulnerability is reported in VPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56 for Windows.
SOLUTION: Apply "VPN-1 SecuRemote/SecureClient NGX R60 HFA_02 Supplement 2". http://checkpoint.com/downloads/quicklinks/downloads_sr.html
PROVIDED AND/OR DISCOVERED BY: Mike Vasquez, digihax
ORIGINAL ADVISORY: https://supportcenter.checkpoint.com/supportcenter/PublicLoginRedirect.jsp?toURL=eventSubmit_doGoviewsolutiondetails=%26solutionid=sk34315
digihax: http://digihax.com/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200802-0381",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vpn-1 secureclient",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "ngx_r60"
},
{
"model": "vpn-1 secureclient",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "ngai_r56"
},
{
"model": "vpn-1 secureclient",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": "ngx r60 r56"
},
{
"model": "vpn-1 secureclient",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30c1\u30a7\u30c3\u30af \u30dd\u30a4\u30f3\u30c8 \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2 \u30c6\u30af\u30ce\u30ed\u30b8\u30fc\u30ba",
"version": null
},
{
"model": "point software vpn-1securemote/secureclient ngx r60",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software vpn-1securemote/secureclient ngai r56",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "27675"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:checkpoint:vpn-1_secureclient:ngx_r60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:vpn-1_secureclient:ngai_r56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MN Vasquez discovered this issue.",
"sources": [
{
"db": "BID",
"id": "27675"
}
],
"trust": 0.3
},
"cve": "CVE-2008-0662",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-0662",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-30787",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2008-0662",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-0662",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200802-128",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-30787",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30787"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials. Check Point VPN-1 SecureClient/SecuRemote client for Microsoft Windows is prone to an information-disclosure vulnerability because it fails to protect users\u0027 login credentials. \nAttackers can exploit this issue to harvest VPN login credentials and gain unauthorized access to networks and resources protected by the VPN. This may lead to further attacks. \n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nVPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56 Information\nDisclosure\n\nSECUNIA ADVISORY ID:\nSA28820\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28820/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nExposure of sensitive information\n\nWHERE:\nLocal system\n\nSOFTWARE:\nCheck Point VPN-1 SecureClient\nhttp://secunia.com/product/2966/\nCheck Point VPN-1 SecuRemote\nhttp://secunia.com/product/2180/\n\nDESCRIPTION:\nA vulnerability has been reported in VPN-1 SecuRemote/SecureClient\nNGX R60 and NGAI R56, which can be exploited by malicious, local\nusers to disclose sensitive information. \n\nThe vulnerability is caused due to the application storing user\ncredentials within the Windows registry\n(HKLM\\Software\\Checkpoint\\SecuRemote, subkey \"Credentials\") without\nproper permission settings. This can be exploited to disclose and use\nthe credentials of other users. \n\nSuccessful exploitation reportedly requires that caching of\ncredentials is enabled. \n\nThe vulnerability is reported in VPN-1 SecuRemote/SecureClient NGX\nR60 and NGAI R56 for Windows. \n\nSOLUTION:\nApply \"VPN-1 SecuRemote/SecureClient NGX R60 HFA_02 Supplement 2\". \nhttp://checkpoint.com/downloads/quicklinks/downloads_sr.html\n\nPROVIDED AND/OR DISCOVERED BY:\nMike Vasquez, digihax\n\nORIGINAL ADVISORY:\nhttps://supportcenter.checkpoint.com/supportcenter/PublicLoginRedirect.jsp?toURL=eventSubmit_doGoviewsolutiondetails=%26solutionid=sk34315\n\ndigihax:\nhttp://digihax.com/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0662"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "BID",
"id": "27675"
},
{
"db": "VULHUB",
"id": "VHN-30787"
},
{
"db": "PACKETSTORM",
"id": "63424"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-0662",
"trust": 3.6
},
{
"db": "BID",
"id": "27675",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "28820",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-0475",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1019317",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3627",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20080207 CHECKPOINT SECUREMOTE/SECURE CLIENT NGX AUTO LOCAL LOGON VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-30787",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63424",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30787"
},
{
"db": "BID",
"id": "27675"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "PACKETSTORM",
"id": "63424"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"id": "VAR-200802-0381",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-30787"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-22T22:49:53.121000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "http://www.checkpoint.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "Improper permission assignment for critical resources (CWE-732) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-200",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30787"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://usercenter.checkpoint.com/usercenter/portal/user/anon/page/supportcenter.psml"
},
{
"trust": 1.8,
"url": "http://digihax.com/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/27675"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1019317"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28820"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3627"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/487735/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0475"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0662"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/487735/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0475"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com/products/vpn-1_clients/index.html"
},
{
"trust": 0.3,
"url": "/archive/1/487735"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2966/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2180/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/28820/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://supportcenter.checkpoint.com/supportcenter/publicloginredirect.jsp?tourl=eventsubmit_dogoviewsolutiondetails=%26solutionid=sk34315"
},
{
"trust": 0.1,
"url": "http://checkpoint.com/downloads/quicklinks/downloads_sr.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-30787"
},
{
"db": "BID",
"id": "27675"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "PACKETSTORM",
"id": "63424"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-30787"
},
{
"db": "BID",
"id": "27675"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"db": "PACKETSTORM",
"id": "63424"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-02-08T00:00:00",
"db": "VULHUB",
"id": "VHN-30787"
},
{
"date": "2008-02-07T00:00:00",
"db": "BID",
"id": "27675"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"date": "2008-02-08T23:02:08",
"db": "PACKETSTORM",
"id": "63424"
},
{
"date": "2008-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"date": "2008-02-08T02:00:00",
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-30787"
},
{
"date": "2015-05-07T17:33:00",
"db": "BID",
"id": "27675"
},
{
"date": "2024-02-22T02:38:00",
"db": "JVNDB",
"id": "JVNDB-2008-002703"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-128"
},
{
"date": "2024-01-25T21:31:57.743000",
"db": "NVD",
"id": "CVE-2008-0662"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "27675"
},
{
"db": "PACKETSTORM",
"id": "63424"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check\u00a0Point\u00a0VPN-1\u00a0SecuRemote/SecureClient\u00a0NGX\u00a0 Privilege Acquisition Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002703"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-128"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…