Vulnerabilities > CVE-2001-1102 - Unspecified vulnerability in Checkpoint Firewall-1 3.0/4.0/4.1

CVSS 6.2 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

high complexity

checkpoint

NVD

Published: 2001-09-08

Updated: 2017-12-19

Summary

Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.

Vulnerable Configurations

Part	Description	Count
Application	Checkpoint Checkpoint Firewall 1 3.0 Checkpoint Firewall 1 4.0 Checkpoint Firewall 1 4.1	4

References

http://www.securityfocus.com/archive/1/212824
http://www.securityfocus.com/bid/3300
https://exchange.xforce.ibmcloud.com/vulnerabilities/7094