Unrated severityNVD Advisory· Published Sep 8, 2001· Updated Jun 16, 2026

CVE-2001-1101

Description

The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.

Affected products

Checkpoint/Firewall 16 versions
cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:checkpoint:firewall-1:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:firewall-1:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:firewall-1:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:firewall-1:4.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:checkpoint:firewall-1:4.1:sp2:*:*:*:*:*:*
- (no CPE)range: 3.0b through 4.1 SP2

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/archive/1/212826nvdPatchVendor Advisory
www.securityfocus.com/bid/3303nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/7095nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000