Support Center > Search Results > SecureKnowledge Details
File overwrite vulnerability in Multi-Domain Management / Provider-1 script (CVE-2011-2664)
Solution

For Multi-Domain Management / Provider-1

On the MDS machine:

  1. Download the sw_post_install.sh file and copy it to the MDS machine.
  2. Back up the original $MDS_TEMPLATE/bin/sw_post_install file.
  3. Rename the new sw_post_install.sh file to sw_post_install and put it in the $MDS_TEMPLATE/bin/ directory.

Note: There is no need to restart Check Point services or reboot for the changes to take effect.

For Security Management server

On the Security Management server:

  1. Download the sw_post_install.sh file and copy it to the Security Management server.
  2. Back up the original $FWDIR/bin/sw_post_install file.
  3. Rename the new sw_post_install.sh file to sw_post_install and put it in the $FWDIR/bin/ directory.

Note: There is no need to restart Check Point services or reboot for the changes to take effect.

The fix is included in R75.10 and higher.

Credit: Check Point thanks Matthew Flanagan for responsible disclosure of this issue.

This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment