Gauntlet Firewall for Unix and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerability

A boundary condition error exists in the smap/smapd and CSMAPD daemons, shipped with several popular Network Associates products. The smap/smapd and CSMAP daemons are proxy servers used to handle e-mail transactions for both inbound and outbound e-mail.

By successfully exploiting this condition, an attacker may be able to cause arbitrary code/commands to be executed on a vulnerable system with the privileges of the attacked daemon.

Additional technical details are currently unknown.

Some versions of SGI IRIX shipped with the Gauntlet Firewall package, and in the past it was a supported SGI product. While it is no longer being supported, SGI IRIX versions 6.5.2, 6.5.3, 6.5.4 and 6.5.5 may be prone to this issue.


Privacy Statement
Copyright 2010, SecurityFocus