Local File Overwrite Vulnerability in Check Point Firewall Software
CVE-2001-1102

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Firewall-1
Vendor: CVE Published:; 8 September 2001

Summary

The Check Point FireWall-1 software versions 3.0b through 4.1 for Solaris is susceptible to a local file overwriting vulnerability. This occurs when local users exploit the symlink attack vector on temporary policy files, specifically those with a .cpp extension, which have been incorrectly configured with world-writable permissions. This configuration allows unauthorized users to overwrite arbitrary files, potentially leading to further exploitation or system compromise.

References

http://www.securityfocus.com/bid/3300

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/7094

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/212824

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Mar 15, 2002
Vulnerability published
Sep 8, 2001