Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution

ID VU:206723
Type cert
Reporter CERT
Modified 2001-09-06T21:02:00



A remotely exploitable buffer overflow exists in the Gauntlet Firewall.


The buffer overflow occurs in the smap/smapd and CSMAP daemons. According to PGP Security, these daemons are responsible for handling email transactions for both inbound and outbound e-mail.

This vulnerability occurs in smap/smapd on the following products:

* Gauntlet for Unix versions 5.x
* PGP e-ppliance 300 series version 1.0
* McAfee e-ppliance 100 and 120 series

This vulnerability occurs in CSMAP on the following products: * Gauntlet for Unix version 6.0 * PGP e-ppliance 300 series versions 1.5, 2.0 * PGP e-ppliance 1000 series versions 1.5, 2.0 * McAfee WebShield for Solaris v4.1


An intruder can execute arbitrary code with the privileges of the corresponding daemon.


Patchs for this vulnerability are available from the vendor at <> and <>.

Vendor Information


Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

PGP __ Affected

Updated: September 06, 2001



Vendor Statement

Please see <>

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group | Score | Vector
Base | |
Temporal | |
Environmental | |




This vulnerability was discovered by Jim Stickley of Garrison Technologies.

This document was written by Ian A. Finlay.

Other Information

CVE IDs: | None
Severity Metric: | 50.63
Date Public: | 2001-09-04
Date First Published: | 2001-09-06
Date Last Updated: | 2001-09-06 21:02 UTC
Document Revision: | 27