CVE-2001-1102 — Checkpoint Firewall-1 vulnerability

3 documents3 sources

Severity

6.2MEDIUMNVD

EPSS

0.1%

top 84.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Firewall-1

Timeline

PublishedSep 8

Latest updateApr 30

Description

Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

Affected Packages1 packages

▶NVDcheckpoint/firewall-13.0, 4.0, 4.1+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-5rfj-cxjw-j8wv: Check Point FireWall-1 3↗2022-04-30

▶

CVEList

CVE-2001-1102: Check Point FireWall-1 3↗2002-03-15

▶