Check Point response to CVE-2015-6563

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk133652
Technical Level
Product	Security Gateway
Version	All
OS	Gaia, SecurePlatform 2.6, IPSO 6.2
Platform / Model	All
Date Created	15-Aug-2018
Last Modified	19-Aug-2018

Symptoms

A security bypass vulnerability exists in sshd due to improper handling of username data in MONITOR_REQ_PAM_INIT_CTX requests. A local attacker can exploit this by sending a MONITOR_REQ_PWNAM request to conduct an impersonation attack. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563

Solution

This vulnerability requires Expert access to the system. If a remote attacker has expert access, he/she won't need to use this vulnerability. Therefore, it is less relevant to IPSO/GAiA, SecurePlatform.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating