Gauntlet Vulnerability

From: aleph1at_private
Date: Tue Sep 04 2001 - 22:17:17 PDT

Next message: Wietse Venema: "Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1)"

Previous message: Christopher Kruslicky: "Telnet DoS Vulnerability in Marconi ATM Switch Software"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is to be a buffer overflow vulnerability in SMTP
proxy in Gauntlet firewalls 5.x and 6.0 under Solaris and HP-UX.
Also in the PGP e-ppliance 300 series version 1.0, 1.5, and 2.0;
PGP e-ppliance 1000 series versions 1.5 and 2.0; McAfee e-ppliance 100 
and 120 series; and McAfee WebShield for Solaris v4.1.

The vulnerability was discovered by Jim Stickley of Garrison Technologies.

You can find the PGP advisory at
http://www.pgp.com/support/product-advisories/csmap.asp

-- 
Elias Levy
SecurityFocus
http://www.securityfocus.com/
Si vis pacem, para bellum

Next message: Wietse Venema: "Re: S/Key keyinit(1) authentication (lack thereof) + sudo(1)"
Previous message: Christopher Kruslicky: "Telnet DoS Vulnerability in Marconi ATM Switch Software"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Sep 04 2001 - 23:01:15 PDT