CVE

Id
23071  
CVE No.
CVE-2006-6967  
Status
Candidate  
Description
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). In addition, it describes standard behavior (publication of revocation lists) and as such does not cross privilege boundaries. Notes: the former description is: "Check Point FireWall-1 allows remote attackers to obtain certificate revocation lists (CRLs) and other unspecified sensitive information via an HTTP request for the top-level URI on the internal certificate authority (ICA) port (18264/tcp)."  
Phase
Assigned (20070203)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
222707 23071 CVE-2006-6967 MISC:http://www.nessus.org/plugins/index.php?view=single&id=22094  View
222708 23071 CVE-2006-6967 OSVDB:31592  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54384 JVNDB-2007-003076 Jetty におけるセッション識別子を推測される脆弱性 Jetty は、予測可能な java.util.random を使用するセッション識別子を生成するため、総当たり攻撃を通してセッション識別子を推測される、認証要求を回避される、およびクロスサイトリクエストフォージェリ攻撃を実行される脆弱性が存在します。 CVE-2006-6969 23071 6.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003076.html  View