[14991] in bugtraq
Gauntlet CyberPatrol Buffer Overflow
daemon@ATHENA.MIT.EDU (Rob Lindenbusch)
Mon May 22 17:04:52 2000
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="------------FD63DF6F0AD3BA4863045B1B"
Message-Id: <392961F5.2240B376@ai.org>
Date: Mon, 22 May 2000 11:36:05 -0500
Reply-To: Rob Lindenbusch <lfcrob@AI.ORG>
From: Rob Lindenbusch <lfcrob@AI.ORG>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
This is a multi-part message in MIME format.
--------------FD63DF6F0AD3BA4863045B1B
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
This was posted to the Guantlet User list this morning. The claim is
that there is no exploit "in the wild" and that the only holders of the
code are NAI and Garrison Tech, and they don't plan to release it. Of
course, nobody else will figure it out, right? Nice to have a buffer
overflow in a firewall in any case.
--
Rob Lindenbusch
Lead Systems Administrator
Access Indiana Information Network
E-mail: lfcrob@ai.org
Phone: (317)233-2378
URL: http://www.state.in.us/
--------------FD63DF6F0AD3BA4863045B1B
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Received: from burr.ai.org (firewall-user@hamilton.ai.org [165.139.95.80])
by ai.org (8.9.1/8.9.1) with ESMTP id IAA14876
for <lfcrob@ai.org>; Mon, 22 May 2000 08:24:39 -0500 (EST)
Received: by burr.ai.org; id IAA03014; Mon, 22 May 2000 08:24:39 -0500 (EST)
Received: from gate.rmsbus.com(207.49.255.141) by burr.ai.org via smap (V4.2)
id xma002826; Mon, 22 May 00 08:24:15 -0500
Received: by gate.rmsbus.com; id IAA28859; Mon, 22 May 2000 08:24:14 -0500 (CDT)
Received: from unknown(204.126.30.50) by gate.rmsbus.com via smap (V5.0)
id xma028843; Mon, 22 May 00 08:23:51 -0500
Received: (from root@localhost) by mail.rmsbus.com (8.8.6 (PHNE_17135)/8.7.1) id HAA01373 for lfcrob@ai.org; Mon, 22 May 2000 07:59:16 -0500 (CDT)
Date: Mon, 22 May 2000 07:59:16 -0500 (CDT)
Message-Id: <447A3F40A07FD211BA2700A0C99D759BD82A6A@md-exchange1.nai.com>
Reply-To: gauntlet-user@rmsbus.com
Originator: gauntlet-user@mail.rmsbus.com
Sender: gauntlet-user@rmsbus.com
Precedence: bulk
From: "Shivdasani, Meenoo" <Meenoo_Shivdasani@nai.com>
To: Multiple recipients of list <gauntlet-user@mail.rmsbus.com>
Subject: [GAUNTLET-USER] Important Security Advisory: Gauntlet Unix, E-ppliance series, We
X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas
X-Comment: Archives & help: http://rmsbus.com/gauntlet-user.htm
X-Mozilla-Status2: 00000000
Folks,
We have released patches to deal with a security issue with the products
mentioned in the Subject line.
The full advisory is available from
http://www.tis.com/support/cyberadvisory.html
Patches are available from http://www.tis.com/support/patchpage.html -- the
patch you need is cyber.patch for whatever version you are currently
running.
There is no released patch for Gauntlet 4.1, however if you refer to the
advisory you can implement the workaround detailed in that advisory.
If you have questions, feel free to direct them my way.
Thanks,
M (in official sort of capacity)
--
Principal Network Security Engineer
Gauntlet Technical Support
--------------FD63DF6F0AD3BA4863045B1B--
