Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1101


Vulnerability Score 6.4 6.4
CVE Id CVE-2001-1101
Last Modified 05 Sep 2008 04:25:41
Published 08 Sep 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.

Vulnerable Systems


  • Checkpoint Firewall-1 3.0

  • Checkpoint Firewall-1 4.0

  • Checkpoint Firewall-1 4.1


BUGTRAQ - 20010908 Bug in remote GUI access in CheckPoint Firewall

XF - fw1-log-file-overwrite(7095)

BID - 3303

Last Updated: 27 May 2016 10:36:31