Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0437 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Associates Gauntlet Firewall

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

7.2%

top 8.39%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Network Associates Gauntlet Firewall Network Associates Webshield Network Associates Webshield E-ppliance

Timeline

PublishedMay 18

Latest updateApr 30

Description

Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDnetwork_associates/webshield4.0

▶NVDnetwork_associates/gauntlet_firewall4 versions+3

▶NVDnetwork_associates/webshield_e-ppliance100.0, 300.0+1

🔴Vulnerability Details

GHSA

GHSA-mrqj-pqq8-9fx3: Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute↗2022-04-30

▶

CVEList

CVE-2000-0437: Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute↗2000-07-12

▶

💥Exploits & PoCs

Exploit-DB

Gauntlet Firewall 4.1/4.2/5.0 / Webshield E-ppliance 100.0/300.0 / IRIX 6.5.x - Remote Buffer Overflow↗2000-05-18

▶