Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2001-1102

EPSS 0.05% · P15
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2001-1102

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Check Point Firewall-1 策略编译符号链接漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CVE(CAN) ID: CAN-2001-1102 Check Point Firewall-1是一款流行的商用防火墙产品。 它存在一个安全问题,允许本地用户创建系统文件或者改变文件属性。FireWall-1编译防 火墙策略时,它会在/tmp目录下创建一个临时文件。临时文件的名字由策略名加".cpp"后缀 组成。文件的属性设置为rw-rw-rw- (666),这允许任何人修改这个文件。由于在创建文件 时没有检查该文件是不是链接文件,攻击者可以通过链接攻击来在任意目录下创建文件。 如果攻击者有权编译防火墙
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2001-1102

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2001-1102

Please Login to view more intelligence information

Same Patch Batch · n/a · 2002-03-15 · 131 CVEs total

CVE-2001-1214Marcus Xenakis manual.php远程执行任意命令漏洞
CVE-2002-0103Oracle9iAS Web Cache权限提升漏洞
CVE-2002-0102Oracle9iAS Web Cache Null字符处理不当导致拒绝服务漏洞
CVE-2002-0101Microsoft Internet Explorer 安全漏洞
CVE-2002-0100AOLServer受口令保护的文件泄露漏洞
CVE-2002-0099Michael Lamont Savant Web服务器超长请求拒绝服务攻击漏洞
CVE-2001-1226AdCycle远程SQL查询修改漏洞。
CVE-2001-1225Hughes Technologies Mini SQL服务拒绝漏洞
CVE-2001-1224Les VanBrunt AdRotate Pro SQL命令注入漏洞
CVE-2001-1223ELSA Lancom 1100 Office不安全web管理漏洞
CVE-2001-1222Plesk Server Administrator 源代码泄露漏洞
CVE-2001-1221D-Link DWL-1000AP 无线局域网访问点'public'口令漏洞
CVE-2001-1220D-Link DWL-1000AP 无线局域网访问点明文密码漏洞
CVE-2001-1219Microsoft Internet Explorer 安全漏洞
CVE-2001-1218Microsoft IE for Solaris X Server拒绝服务漏洞
CVE-2001-1217Oracle 9i应用服务器PL/SQL Apache模块目录遍历漏洞
CVE-2001-1216Oracle 9i应用服务器PL/SQL Apache模块远程缓冲区溢出漏洞
CVE-2001-1204FrontPage Total PC Solutions PHP Rocket Add-in目录遍历漏洞
CVE-2001-1202DeleGate跨站脚本漏洞
CVE-2001-1198HP-UX rlpdaemon任意创建日志文件漏洞

Showing top 20 of 131 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2001-1102

No comments yet

Leave a comment