Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
来源:NVD
Check Point VPN-1/FireWall-1 4.1及其之前版本存在漏洞。远程攻击者借助破碎的TCP连接请求或者重新打开关闭的TCP连接请求绕过目录检测。又称为"One-way Connection Enforcement Bypass"。
来源:CNNVD
Check Point VPN-1/FireWall-1 4.1 及更早版本允许远程攻击者通过破碎的 TCP 连接请求或重新打开已关闭的 TCP 连接请求绕过方向性检查,aka "单向连接执行突破"。