Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution

2001-09-06T00:00:00
ID VU:206723
Type cert
Reporter CERT
Modified 2001-09-06T00:00:00

Description

Overview

A remotely exploitable buffer overflow exists in the Gauntlet Firewall.

Description

The buffer overflow occurs in the smap/smapd and CSMAP daemons. According to PGP Security, these daemons handle both inbound and outbound e-mail transactions.

This vulnerability occurs in smap/smapd on the following products:

  • Gauntlet for Unix versions 5.x
  • PGP e-ppliance 300 series version 1.0
  • McAfee e-ppliance 100 and 120 series

This vulnerability occurs in CSMAP on the following products:

  • Gauntlet for Unix version 6.0
  • PGP e-ppliance 300 series versions 1.5, 2.0
  • PGP e-ppliance 1000 series versions 1.5, 2.0
  • McAfee WebShield for Solaris v4.1

Impact

An intruder can execute arbitrary code with the privileges of the corresponding daemon.


Solution

Patches for this vulnerability are available from the vendor at <ftp://ftp.nai.com/pub/security/> and <http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp>.


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
PGP| | -| 06 Sep 2001

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://www.pgp.com/support/product-advisories/csmap.asp>

Credit

This vulnerability was discovered by Jim Stickley of Garrison Technologies.

This document was written by Ian A. Finlay.

Other Information

  • CVE IDs: Unknown
  • Date Public: 04 Sep 2001
  • Date First Published: 06 Sep 2001
  • Date Last Updated: 06 Sep 2001
  • Severity Metric: 50.63
  • Document Revision: 24