Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firewall-1 | Checkpoint | 3.0 | 3.0 |
Firewall-1 | Checkpoint | 4.0 | 4.0 |
Firewall-1 | Checkpoint | 4.1 | 4.1 |
Firewall-1 | Checkpoint | 4.1 | 4.1 |