Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Check Point Firewall-1 策略编译符号链接漏洞
Vulnerability Description
CVE(CAN) ID: CAN-2001-1102 Check Point Firewall-1是一款流行的商用防火墙产品。 它存在一个安全问题,允许本地用户创建系统文件或者改变文件属性。FireWall-1编译防 火墙策略时,它会在/tmp目录下创建一个临时文件。临时文件的名字由策略名加".cpp"后缀 组成。文件的属性设置为rw-rw-rw- (666),这允许任何人修改这个文件。由于在创建文件 时没有检查该文件是不是链接文件,攻击者可以通过链接攻击来在任意目录下创建文件。 如果攻击者有权编译防火墙
CVSS Information
N/A
Vulnerability Type
N/A