PT-2001-2244 · Check Point · Check Point Firewall-1 Gui

Published: 2001-09-08 · Updated: 2017-12-19 · CVE-2001-1101

CVSS v2.0: 6.4 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Check Point FireWall-1 GUI for Solaris versions 3.0b through 4.1 SP2

Description

The issue concerns the Log Viewer function, which does not properly check for the existence of '.log' files when saving. This allows remote authenticated users to overwrite arbitrary files with a '.log' extension. Additionally, local users can exploit this by using a symlink attack to overwrite arbitrary files.

Recommendations

For versions 3.0b through 4.1 SP2, consider restricting access to the Log Viewer function until a proper fix is applied, and avoid using the function to save files that could potentially overwrite critical system or configuration files. As a temporary workaround, consider implementing additional file system permissions or access controls to limit the ability of remote authenticated and local users to overwrite sensitive files.
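The missing existence check and the symlink case from the description, seen from the defender's side: a save routine that creates the file exclusively. This is an added example, not Check Point's code and not part of the original entry; the function name, paths and file contents are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical save routine: create `path` only if no file or symlink of that
 * name exists. O_EXCL makes open() fail with EEXIST for an existing name, even
 * a dangling symlink, so nothing is overwritten and no link is followed. */
int save_log_exclusive(const char *path, const char *data, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return -errno;
    while (len > 0) {
        ssize_t n = write(fd, data, len);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) {
            int err = errno;
            close(fd); unlink(path);   /* do not leave a partial file behind */
            return -err;
        }
        data += n; len -= (size_t)n;
    }
    return close(fd) == 0 ? 0 : -errno;
}

/* Constructed scenario in a private temp directory: returns 0 when every case
 * behaves as described, otherwise the number of the first failing case. */
int demo(void)
{
    char dir[] = "/tmp/logsave.XXXXXX", victim[80], old[80], evil[80], buf[4];
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/policy.conf", dir); /* file to protect */
    snprintf(old, sizeof old, "%s/old.log", dir);           /* earlier export */
    snprintf(evil, sizeof evil, "%s/evil.log", dir);        /* planted symlink */
    int rc = 0, fd = -1;
    if (save_log_exclusive(victim, "keep", 4) != 0) rc = 1;
    else if (symlink(victim, evil) != 0) rc = 2;
    else if (save_log_exclusive(old, "v1", 2) != 0) rc = 3;        /* new name: ok */
    else if (save_log_exclusive(old, "v2", 2) != -EEXIST) rc = 4;  /* no overwrite */
    else if (save_log_exclusive(evil, "xx", 2) != -EEXIST) rc = 5; /* link refused */
    else if ((fd = open(victim, O_RDONLY)) < 0 || read(fd, buf, 4) != 4
             || memcmp(buf, "keep", 4) != 0) rc = 6;               /* target intact */
    if (fd >= 0) close(fd);
    unlink(evil); unlink(old); unlink(victim); rmdir(dir);
    return rc;
}
int main(void) { return demo(); }
```

A caller that gets `-EEXIST` back should ask the operator for a different file name rather than retry without `O_EXCL`.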

Fix


Related Identifiers

CVE-2001-1101

Affected Products

Check Point Firewall-1 Gui