Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2001-1101

EPSS 0.64% · P71
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2001-1101

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Check Point Firewall-1 客户端日志查看器符号链接漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CVE(CAN) ID: CAN-2001-1101 Check Point Firewall-1是一款流行的商用防火墙产品。 它存在一个安全问题,允许本地用户覆盖系统文件。FireWall-1在通过日志查看器保存文 件时没有检查文件是否已经存在或是不是链接文件。如果攻击者可以通过图形客户端进行 防火墙管理,他就可以使用日志查看器来覆盖任意的以.log为后缀名的文件。如果攻击者 还有对防火墙的本地普通用户权限,他也可以通过设置一个链接,来覆盖任意系统文件。 这可能造成本地拒绝服务攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2001-1101

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2001-1101

登录查看更多情报信息。

Same Patch Batch · n/a · 2002-03-15 · 131 CVEs total

CVE-2001-1214Marcus Xenakis manual.php远程执行任意命令漏洞
CVE-2002-0103Oracle9iAS Web Cache权限提升漏洞
CVE-2002-0102Oracle9iAS Web Cache Null字符处理不当导致拒绝服务漏洞
CVE-2002-0101Microsoft Internet Explorer 安全漏洞
CVE-2002-0100AOLServer受口令保护的文件泄露漏洞
CVE-2002-0099Michael Lamont Savant Web服务器超长请求拒绝服务攻击漏洞
CVE-2001-1226AdCycle远程SQL查询修改漏洞。
CVE-2001-1225Hughes Technologies Mini SQL服务拒绝漏洞
CVE-2001-1224Les VanBrunt AdRotate Pro SQL命令注入漏洞
CVE-2001-1223ELSA Lancom 1100 Office不安全web管理漏洞
CVE-2001-1222Plesk Server Administrator 源代码泄露漏洞
CVE-2001-1221D-Link DWL-1000AP 无线局域网访问点'public'口令漏洞
CVE-2001-1220D-Link DWL-1000AP 无线局域网访问点明文密码漏洞
CVE-2001-1219Microsoft Internet Explorer 安全漏洞
CVE-2001-1218Microsoft IE for Solaris X Server拒绝服务漏洞
CVE-2001-1217Oracle 9i应用服务器PL/SQL Apache模块目录遍历漏洞
CVE-2001-1216Oracle 9i应用服务器PL/SQL Apache模块远程缓冲区溢出漏洞
CVE-2001-1204FrontPage Total PC Solutions PHP Rocket Add-in目录遍历漏洞
CVE-2001-1202DeleGate跨站脚本漏洞
CVE-2001-1198HP-UX rlpdaemon任意创建日志文件漏洞

Showing top 20 of 131 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2001-1101

No comments yet

Leave a comment