CVE-2001-1456 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Associates Gauntlet Firewall

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

7.5HIGHNVD

EPSS

9.1%

top 7.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Webshield Smtp Network Associates Gauntlet Firewall Network Associates Mcafee E-ppliance +2 more

Timeline

PublishedSep 4

Latest updateMay 3

Description

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

▶NVDnetwork_associates/gauntlet_firewall4 versions+3

▶NVDsgi/irix4 versions+3

▶NVDpgp/e-ppliance_3001.0, 1.5, 2.0+2

▶NVDmcafee/webshield_smtp4.0, 4.1+1

▶NVDnetwork_associates/mcafee_e-ppliance100_series, 120_series+1

Patches

Patch: patches.sgi.com ↗Patch: www.kb.cert.org ↗Patch: patches.sgi.com ↗

🔴Vulnerability Details

GHSA

GHSA-j39f-8652-4cgj: Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5↗2022-05-03

▶

CVEList

CVE-2001-1456: Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5↗2005-04-21

▶