The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-15T05:00:00

Updated: 2024-08-08T04:44:07.370Z

Reserved: 2002-03-15T00:00:00

Link: CVE-2001-1101

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2001-09-08T04:00:00.000

Modified: 2024-11-20T23:36:52.757

Link: CVE-2001-1101

cve-icon Redhat

No data.