Vulnerability Name: | CVE-2001-1456 (CCN-7088) | ||||||||
Assigned: | 2001-09-04 | ||||||||
Published: | 2001-09-04 | ||||||||
Updated: | 2017-07-11 | ||||||||
Summary: | Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-119 | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: CCN Type: SGI Security Advisory 20011104-01-I IRIX Gauntlet Vulnerabilities Source: SGI Type: Patch 20011104-01-I Source: CCN Type: BugTraq Mailing List, Wed Sep 05 2001 - 00:17:17 CDT Gauntlet Vulnerability Source: MITRE Type: CNA CVE-2001-1456 Source: CCN Type: SecurityFocus News September 4, 2001 3:34 PM PT Security hole found in Gauntlet Source: CCN Type: CERT Advisory CA-2001-25 Buffer Overflow in Gauntlet Firewall allows intruders to execute arbitrary code Source: CERT Type: US Government Resource CA-2001-25 Source: CCN Type: CIAC Information Bulletin L-140 Gauntlet Firewall CSMAP and smap/smapd Buffer Overflow Vulnerability Source: CCN Type: US-CERT VU#206723 Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution Source: CERT-VN Type: Patch, US Government Resource VU#206723 Source: CCN Type: OSVDB ID: 4689 NAI Gauntlet Firewall smap / smapd / CSMAP Daemon Remote Overflow Source: CCN Type: PGP Security Advisory September 4, 2001 Gauntlet Firewall for Unix and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerability Advisory Source: BID Type: UNKNOWN 3290 Source: CCN Type: BID-3290 Gauntlet Firewall for Unix and WebShield CSMAP and smap/smapd Buffer Overflow Vulnerability Source: XF Type: UNKNOWN gauntlet-csmap-bo(7088) Source: XF Type: UNKNOWN gauntlet-csmap-bo(7088) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |