Check Point Firewall-1 GUI Client Log Viewer Symbolic Link Vulnerability

Check Point Firewall-1 is a commercial firewall implementation designed for small to enterprise sized networks.

A problem with Firewall-1 makes it possible for a local user to overwrite critical system files. Firewall-1 does not check for the existance of files when saving files through the Log Viewer function. Log Viewer will overwrite files ending in the .log extension, and will following symbolic links to corrupt root-owned files.

This makes it possible for a user with administrative access to Firewall-1 and local shell access to deny service to legitimate users of the system.


Privacy Statement
Copyright 2010, SecurityFocus