CVE - CVE-2008-0662

CVE-ID
CVE-2008-0662	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:27675 URL:http://www.securityfocus.com/bid/27675 BUGTRAQ:20080207 Checkpoint SecuRemote/Secure Client NGX Auto Local Logon Vulnerability URL:http://www.securityfocus.com/archive/1/487735/100/0/threaded CONFIRM:https://usercenter.checkpoint.com/usercenter/portal/user/anon/page/supportCenter.psml MISC:http://digihax.com/ SECTRACK:1019317 URL:http://www.securitytracker.com/id?1019317 SECUNIA:28820 URL:http://secunia.com/advisories/28820 SREASON:3627 URL:http://securityreason.com/securityalert/3627 VUPEN:ADV-2008-0475 URL:~~http://www.vupen.com/english/advisories/2008/0475~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20080207	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080207)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)