[UNIX] Gauntlet Firewall for UNIX and WebShield CSMAP and smap/smapd Buffer Overflow VulnerabilitiesFrom: firstname.lastname@example.org
- Previous message: email@example.com: "[NEWS] Highly Respected OpenBSD and OpenSSH Programmer Censors Website, Cites DMCA"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: firstname.lastname@example.org To: email@example.com Subject: [UNIX] Gauntlet Firewall for UNIX and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerabilities Message-Id: <20010906035717.5A7D3138C0@mail.der-keiler.de> Date: Thu, 6 Sep 2001 05:57:17 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Gauntlet Firewall for UNIX and WebShield CSMAP and smap/smapd Buffer
This security vulnerability is a Buffer Overflow in the smap/smapd and
CSMAP daemons. The smap/smapd and CSMAP daemons are responsible for
handling e-mail transactions for both inbound and outbound e-mail. It is
possible to exploit this Buffer Overflow vulnerability to execute
arbitrary shell commands with the privileges of the owner of the
A security vulnerability has been discovered in smap/smapd on the
* Gauntlet for UNIX versions 5.x
* PGP e-ppliance 300 series version 1.0
* McAfee e-ppliance 100 and 120 series
A security vulnerability has been discovered in CSMAP on the following
* Gauntlet for UNIX version 6.0
* PGP e-ppliance 300 series versions 1.5, 2.0
* PGP e-ppliance 1000 series versions 1.5, 2.0
* McAfee WebShield for Solaris v4.1
A patch to repair this vulnerability is available for all products listed
above at <ftp://ftp.nai.com/pub/security/>
http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp for the
Gauntlet and PGP e-ppliance products and www.mcafeeb2b.com for the McAfee
e-ppliance and WebShield products.
This patch is a mandatory patch that includes a new version of the
corresponding daemons and addresses the buffer overflow. Instructions for
installing the patch are included in the README file contained within the
NOTE FOR HP-UX GAUNTLET v.5.x USERS:
Gauntlet v.5.x users on HP-UX must have HP-UX patch PHCO_16723 or later
installed for the smap/smapd patch to function properly, as there is a
dependency upon the library contained in that HP patch. The smap/smapd
patch for Gauntlet v.5.x makes a check for the presence of the latest
iteration of this patch (PHCO_23684). If this patch is not present, it
will inform the user that PHCO_16723 or later is required and prompt the
user if they want to continue. Failure to have PHCO_16723 or later will
prevent all e-mail traffic if the smap/smapd patch is installed.
PHCO_23684 is available from the HP support web site. The required library
is built into HP-UX v.11.0, so Gauntlet v.6.0 users on HP-UX do not
require an additional patch.
The information has been provided by PGP Security.
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: firstname.lastname@example.org
In order to subscribe to the mailing list, simply forward this email to: email@example.com
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.