Local Privilege Escalation via Symlink Attack in Check Point FireWall-1 for Solaris

Local Privilege Escalation via Symlink Attack in Check Point FireWall-1 for Solaris

CVE-2001-1102 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:C/A:C

Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.

Learn more about our Cis Benchmark Audit For Oracle Solaris.