Support Center > Search Results > SecureKnowledge Details
File overwrite vulnerability in Multi-Domain Management / Provider-1 script (CVE-2011-2664)
Solution

For Multi-Domain Management / Provider-1

On the MDS machine:

  1. Download the sw_post_install.sh file and copy it to the MDS machine.
  2. Back up the original $MDS_TEMPLATE/bin/sw_post_install file.
  3. Rename the new sw_post_install.sh file to sw_post_install and put it in the $MDS_TEMPLATE/bin/ directory.

Note: There is no need to restart Check Point services or reboot for the changes to take effect.

For Security Management server

On the Security Management server:

  1. Download the sw_post_install.sh file and copy it to the Security Management server.
  2. Back up the original $FWDIR/bin/sw_post_install file.
  3. Rename the new sw_post_install.sh file to sw_post_install and put it in the $FWDIR/bin/ directory.

Note: There is no need to restart Check Point services or reboot for the changes to take effect.

The fix is included in R75.10 and higher.

Credit: Check Point thanks Matthew Flanagan for responsible disclosure of this issue.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment