Local File Overwrite Vulnerability in Check Point Firewall Software
CVE-2001-1102
Currently unrated
Summary
The Check Point FireWall-1 software versions 3.0b through 4.1 for Solaris is susceptible to a local file overwriting vulnerability. This occurs when local users exploit the symlink attack vector on temporary policy files, specifically those with a .cpp extension, which have been incorrectly configured with world-writable permissions. This configuration allows unauthorized users to overwrite arbitrary files, potentially leading to further exploitation or system compromise.
References
Timeline
Vulnerability Reserved
Vulnerability published