CVE-2000-1032

Name of the Vulnerable Software and Affected Versions Check Point Firewall-1 versions 4.0 and earlier

Description The client authentication interface generates different error messages for invalid usernames versus invalid passwords, allowing remote attackers to identify valid usernames on the firewall.

Recommendations For Check Point Firewall-1 versions 4.0 and earlier, consider modifying the authentication interface to return generic error messages for both invalid usernames and passwords to prevent disclosure of valid usernames. At the moment, there is no information about a newer version that contains a fix for this vulnerability.