Multiple Check Point Endpoint Security Products - Information Disclosure

Author: Rapid7
type: remote
platform: hardware
port: 
date_added: 2011-02-07  
date_updated: 2014-11-22  
verified: 1  
codes: OSVDB-72797  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 35317.txt  

source: https://www.securityfocus.com/bid/46224/info

Multiple Check Point endpoint security products are prone to multiple information-disclosure vulnerabilities.

Attackers can exploit these issues to harvest sensitive information that may lead to further attacks.

http://www.example.com/conf/ssl/apache/integrity-smartcenter.cert
http://www.example.com/conf/ssl/apache/integrity-smartcenter.key
http://www.example.com/conf/ssl/apache/integrity.cert
http://www.example.com/conf/ssl/apache/integrity.key
http://www.example.com/conf/ssl/apache/smartcenter.cert
http://www.example.com/conf/ssl/integrity-keystore.jks
http://www.example.com/conf/ssl/isskeys.jks
http://www.example.com/conf/ssl/openssl.pem
http://www.example.com/conf/integrity.xml
http://www.example.com/conf/jaas/users.xml
http://www.example.com/bin/DBSeed.xml
http://www.example.com:8080/conf/ssl/apache/integrity-smartcenter.cert