[UNIX] Gauntlet Firewall for UNIX and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerabilities

From: support@securiteam.com
Date: 09/06/01


From: support@securiteam.com
To: list@securiteam.com
Subject: [UNIX] Gauntlet Firewall for UNIX and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerabilities
Message-Id: <20010906035717.5A7D3138C0@mail.der-keiler.de>
Date: Thu,  6 Sep 2001 05:57:17 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Gauntlet Firewall for UNIX and WebShield CSMAP and smap/smapd Buffer
Overflow Vulnerabilities
------------------------------------------------------------------------

SUMMARY

This security vulnerability is a Buffer Overflow in the smap/smapd and
CSMAP daemons. The smap/smapd and CSMAP daemons are responsible for
handling e-mail transactions for both inbound and outbound e-mail. It is
possible to exploit this Buffer Overflow vulnerability to execute
arbitrary shell commands with the privileges of the owner of the
corresponding daemon.

DETAILS

A security vulnerability has been discovered in smap/smapd on the
following products:
 * Gauntlet for UNIX versions 5.x
 * PGP e-ppliance 300 series version 1.0
 * McAfee e-ppliance 100 and 120 series

A security vulnerability has been discovered in CSMAP on the following
products:
 * Gauntlet for UNIX version 6.0
 * PGP e-ppliance 300 series versions 1.5, 2.0
 * PGP e-ppliance 1000 series versions 1.5, 2.0
 * McAfee WebShield for Solaris v4.1

Solution:
A patch to repair this vulnerability is available for all products listed
above at <ftp://ftp.nai.com/pub/security/>
ftp://ftp.nai.com/pub/security/ and
<http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp>
http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp for the
Gauntlet and PGP e-ppliance products and www.mcafeeb2b.com for the McAfee
e-ppliance and WebShield products.

This patch is a mandatory patch that includes a new version of the
corresponding daemons and addresses the buffer overflow. Instructions for
installing the patch are included in the README file contained within the
patch.

NOTE FOR HP-UX GAUNTLET v.5.x USERS:
Gauntlet v.5.x users on HP-UX must have HP-UX patch PHCO_16723 or later
installed for the smap/smapd patch to function properly, as there is a
dependency upon the library contained in that HP patch. The smap/smapd
patch for Gauntlet v.5.x makes a check for the presence of the latest
iteration of this patch (PHCO_23684). If this patch is not present, it
will inform the user that PHCO_16723 or later is required and prompt the
user if they want to continue. Failure to have PHCO_16723 or later will
prevent all e-mail traffic if the smap/smapd patch is installed.
PHCO_23684 is available from the HP support web site. The required library
is built into HP-UX v.11.0, so Gauntlet v.6.0 users on HP-UX do not
require an additional patch.

ADDITIONAL INFORMATION

The information has been provided by PGP Security.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.