Vulnerabilities > CVE-2011-2664 - Local Security vulnerability in Check Point Provider-1

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

checkpoint

NVD

Published: 2011-07-08

Updated: 2017-08-29

Summary

Unspecified vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75, and SmartCenter during installation on non-Windows machines, allows local users on the MDS system to overwrite arbitrary files via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Checkpoint Checkpoint Multi Domain Management/Provider 1 Ngx_R65 Checkpoint Multi Domain Management/Provider 1 Ngx_R70 Checkpoint Multi Domain Management/Provider 1 Ngx_R71 Checkpoint Multi Domain Management/Provider 1 Ngx_R75 Checkpoint Multi Domain Management/Provider 1 Ngx_Smartcenter	5

Seebug

bulletinFamily	exploit
description	CVE ID：CVE-2011-2664 Check Point Provider-1是一款安全管理解决方案，用来满足具有复杂安全策略需求企业的可扩展性要求。 Check Point多域管理/Provider-1存在未明错误，允许攻击者覆盖任意文件或修改SofaWare 管理服务器配置。 Check Point Provider-1 厂商解决方案用户可参考如下供应商提供的安全公告获得补丁信息： https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk63565
id	SSV:20747
last seen	2017-11-19
modified	2011-07-20
published	2011-07-20
reporter	Root
title	Check Point多域管理/Provider-1文件覆盖漏洞

Summary

Vulnerable Configurations

Seebug

References