6.4
CVE-2001-1101
- EPSS 1.47%
- Veröffentlicht 08.09.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Checkpoint ≫ Firewall-1 Version3.0
Checkpoint ≫ Firewall-1 Version4.0
Checkpoint ≫ Firewall-1 Version4.1
Checkpoint ≫ Firewall-1 Version4.1 Updatesp1
Checkpoint ≫ Firewall-1 Version4.1 Updatesp2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.47% | 0.704 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:P
|
http://www.securityfocus.com/archive/1/212826
http://www.securityfocus.com/bid/3303
https://exchange.xforce.ibmcloud.com/vulnerabilities/7095