VULHUB ™

VPN-1 is a popular secure remote access software package, distributed and maintained by Check Point. A problem with the software package makes it possible for a user to gain potential access. Check Point VPN-1 will return different error messages for valid and invalid usernames when accessed via SecuRemote, or a client that speaks compatible protocol. This increases the chances of a remote attacker launching a successful brute force attack against a VPN-1 server. This vulnerability affects Windows NT and 2000 implementations.

VPN-1 is a popular secure remote access software package, distributed and maintained by Check Point. A problem with the software package makes it possible for a user to gain potential access. Check Point VPN-1 will return different error messages for valid and invalid usernames when accessed via SecuRemote, or a client that speaks compatible protocol. This increases the chances of a remote attacker launching a successful brute force attack against a VPN-1 server. This vulnerability affects Windows NT and 2000 implementations.