Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer
 Support Center > Search Results > SecureKnowledge Details
Support Center
 Print    Email
File overwrite vulnerability in Multi-Domain Management / Provider-1 script (CVE-2011-2664)

Solution ID: sk63565
Severity: Medium
Product: Multi-Domain Management / Provider-1
Version: NGX R65, R70, R71, R75
OS: Solaris, SecurePlatform, Linux
Platform / Model: All
Date Created: 15-Jun-2011
Last Modified: 03-Apr-2013
Rate this document
[1=Worst,5=Best]
Solution

For Multi-Domain Management / Provider-1

On the MDS machine:

  1. Download the sw_post_install.sh file and copy it to the MDS machine.
  2. Back up the original $MDS_TEMPLATE/bin/sw_post_install file.
  3. Rename the new sw_post_install.sh file to sw_post_install and put it in the $MDS_TEMPLATE/bin/ directory.

Note: There is no need to restart Check Point services or reboot for the changes to take effect.

For Security Management server

On the Security Management server:

  1. Download the sw_post_install.sh file and copy it to the Security Management server.
  2. Back up the original $FWDIR/bin/sw_post_install file.
  3. Rename the new sw_post_install.sh file to sw_post_install and put it in the $FWDIR/bin/ directory.

Note: There is no need to restart Check Point services or reboot for the changes to take effect.

The fix is included in R75.10 and higher.

Credit: Check Point thanks Matthew Flanagan for responsible disclosure of this issue.


Give us Feedback
Rate this document
[1=Worst,5=Best]
Additional comments...(Max 2000 characters allowed)
Characters left: 2000