CVE-2005-4093

Name of the Vulnerable Software and Affected Versions Check Point VPN-1 SecureClient NG versions 4.0 through 4.1 Check Point VPN-1 SecureClient NG with Application Intelligence R56 Check Point VPN-1 SecureClient NG with Application Intelligence NG FP1

Description The issue allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.

Recommendations For Check Point VPN-1 SecureClient NG versions 4.0 through 4.1, consider implementing additional security measures to prevent unauthorized modification of the local.scv policy file. For Check Point VPN-1 SecureClient NG with Application Intelligence R56, restrict access to the local.scv file to minimize the risk of exploitation. For Check Point VPN-1 SecureClient NG with Application Intelligence NG FP1, as a temporary workaround, consider monitoring the local.scv file for any unauthorized changes until a patch is available.