CVE-2001-1158

Name: CVE-2001-1158
Creator: NVD / NIST
Published: 2001-07-09T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.20%

Last modified Jun 16, 2026

CVE-2001-1158 is a vulnerability of currently unknown severity. Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.. EPSS estimates a 3.20% chance of exploitation in the next 30 days.

Description

Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.

Metrics

EPSS Probability

3.20%

86.5th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Checkpoint	Firewall-1	4.1
Checkpoint	Firewall-1	4.1_build_41439

References

http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.htmlPatch, Vendor Advisory
http://ciac.llnl.gov/ciac/bulletins/l-109.shtml
http://online.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-03-11&end=2002-03-17&mid=195647&threads=1
http://www.cert.org/advisories/CA-2001-17.htmlUS Government Resource
http://www.checkpoint.com/techsupport/alerts/rdp.html
http://www.kb.cert.org/vuls/id/310295US Government Resource
http://www.osvdb.org/1884
http://www.securityfocus.com/bid/2952Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6815
http://archives.neohapsis.com/archives/bugtraq/2001-07/0128.htmlPatch, Vendor Advisory
http://ciac.llnl.gov/ciac/bulletins/l-109.shtml
http://online.securityfocus.com/cgi-bin/archive.pl?id=1&start=2002-03-11&end=2002-03-17&mid=195647&threads=1
http://www.cert.org/advisories/CA-2001-17.htmlUS Government Resource
http://www.checkpoint.com/techsupport/alerts/rdp.html
http://www.kb.cert.org/vuls/id/310295US Government Resource
http://www.osvdb.org/1884
http://www.securityfocus.com/bid/2952Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6815

Timeline

Published: Jul 9, 2001
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2001-1158?

How severe is CVE-2001-1158?

Severity scoring for CVE-2001-1158 is pending analysis. The EPSS model estimates a 3.20% probability of exploitation in the next 30 days.

How do I fix CVE-2001-1158?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2001-1158?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST