Log Viewer File Overwrite in Check Point FireWall-1 GUI for Solaris
CVE-2001-1101
Currently unrated
Summary
The Log Viewer component of the Check Point FireWall-1 GUI for Solaris versions 3.0b through 4.1 SP2 contains a flaw that allows remote authenticated users to overwrite arbitrary files with a '.log' extension. Furthermore, local users can exploit a symlink attack to manipulate file overrides. This lack of validation when saving logs presents security risks by enabling unauthorized access to critical system files.
References
Timeline
Vulnerability Reserved
Vulnerability published