Re: CERT Advisory CA-2001-25 (smap overflow)

• Previous message: pestoat_private: "RE: Bug in remote GUI access in CheckPoint Firewall"
• In reply to: Steve Watt: "Re: CERT Advisory CA-2001-25"
• Next in thread: Keith Young: "Re: CERT Advisory CA-2001-25 (smap overflow)"
• Next in thread: Jeremy Epstein: "RE: CERT Advisory CA-2001-25"
• Reply: Keith Young: "Re: CERT Advisory CA-2001-25 (smap overflow)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Steve Watt wrote:
> CERT Advisory  <cert-advisoryat_private> wrote:
> 
>>CERT Advisory CA-2001-25 Buffer Overflow in Gauntlet Firewall allows
>>intruders to execute arbitrary code
>>
> [ ... ]
> 
>>Network Associates, Inc.
>>
>>  PGP Security has published a security advisory describing this
>>  vulnerability as well as patches. This is available from
>>
>>         http://www.pgp.com/support/product-advisories/csmap.asp
>>         http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp
>>
> 
> So, does anyone know whether this thoroughly useless advisory
> affects those who are running smap/smapd from the TIS FWTK days?
> Or is the overflow a newly introduced feature?
> 

Steve,

I'm testing this now. Results will be posted to the FWTK-users mailing 
list and (if a vulnerability exists) to the "http://www.fwtk.org/" web site.

-- 
--Keith Young
-kyoung@v-one.com
-fwtk.org web site maintainer

• Next message: Jeremy Epstein: "RE: CERT Advisory CA-2001-25"
• Previous message: pestoat_private: "RE: Bug in remote GUI access in CheckPoint Firewall"
• In reply to: Steve Watt: "Re: CERT Advisory CA-2001-25"
• Next in thread: Keith Young: "Re: CERT Advisory CA-2001-25 (smap overflow)"
• Next in thread: Jeremy Epstein: "RE: CERT Advisory CA-2001-25"
• Reply: Keith Young: "Re: CERT Advisory CA-2001-25 (smap overflow)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 10 2001 - 16:40:50 PDT