[22596] in bugtraq
Re: CERT Advisory CA-2001-25 (smap overflow)
daemon@ATHENA.MIT.EDU (Keith Young)
Mon Sep 10 17:45:51 2001
Message-ID: <3B9CF942.1010300@v-one.com>
Date: Mon, 10 Sep 2001 13:32:50 -0400
From: Keith Young <kyoung@v-one.com>
Reply-To: kyoung@v-one.com
MIME-Version: 1.0
To: Steve Watt <steve+bugtraq@Watt.COM>
Cc: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Steve Watt wrote:
> CERT Advisory <cert-advisory@cert.org> wrote:
>
>>CERT Advisory CA-2001-25 Buffer Overflow in Gauntlet Firewall allows
>>intruders to execute arbitrary code
>>
> [ ... ]
>
>>Network Associates, Inc.
>>
>> PGP Security has published a security advisory describing this
>> vulnerability as well as patches. This is available from
>>
>> http://www.pgp.com/support/product-advisories/csmap.asp
>> http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp
>>
>
> So, does anyone know whether this thoroughly useless advisory
> affects those who are running smap/smapd from the TIS FWTK days?
> Or is the overflow a newly introduced feature?
>
Steve,
I'm testing this now. Results will be posted to the FWTK-users mailing
list and (if a vulnerability exists) to the "http://www.fwtk.org/" web site.
--
--Keith Young
-kyoung@v-one.com
-fwtk.org web site maintainer
