Title: Gauntlet Firewall for Unix and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
A boundary condition error exists in the smap/smapd and CSMAPD daemons, shipped with several popular Network Associates products. The smap/smapd and CSMAP daemons are proxy servers used to handle e-mail transactions for both inbound and outbound e-mail.
By successfully exploiting this condition, an attacker may be able to cause arbitrary code/commands to be executed on a vulnerable system with the privileges of the attacked daemon.
Additional technical details are currently unknown.
Some versions of SGI IRIX shipped with the Gauntlet Firewall package, and in the past it was a supported SGI product. While it is no longer being supported, SGI IRIX versions 6.5.2, 6.5.3, 6.5.4 and 6.5.5 may be prone to this issue.
Affected Products:
- McAfee WebShield for Solaris 4.0.0
- Network Associates Gauntlet Firewall 4.2.0
- Network Associates Gauntlet Firewall for Unix 5.0.0
- Network Associates Gauntlet Firewall for Unix 5.5.0
- Network Associates Gauntlet Firewall for Unix 6.0.0
- Network Associates PGP e-ppliance 300 series 1.0.0
- Network Associates PGP e-ppliance 300 series 1.5.0
- Network Associates PGP e-ppliance 300 series 2.0.0
- SGI IRIX 6.2.0
- SGI IRIX 6.3.0
- SGI IRIX 6.4.0
- SGI IRIX 6.5.0
References:
- Network Associates Inc.: PGP Security - CSMAP and smap/smapd BUFFER OVERFLOW VULNERABILITY ADVISORY
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
