Log Viewer File Overwrite in Check Point FireWall-1 GUI for Solaris
CVE-2001-1101

Currently unrated

Key Information:

Vendor
Checkpoint
Vendor
CVE Published:
8 September 2001

Summary

The Log Viewer component of the Check Point FireWall-1 GUI for Solaris versions 3.0b through 4.1 SP2 contains a flaw that allows remote authenticated users to overwrite arbitrary files with a '.log' extension. Furthermore, local users can exploit a symlink attack to manipulate file overrides. This lack of validation when saving logs presents security risks by enabling unauthorized access to critical system files.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.