Re: CERT Advisory CA-2001-25

[Ian Finlay <iaf () cert org>]

--On Sunday, September 09, 2001 9:30 PM -0700 Steve Watt 
<steve+bugtraq () Watt COM> wrote:

> CERT Advisory  <cert-advisory () cert org> wrote:
> > CERT Advisory CA-2001-25 Buffer Overflow in Gauntlet Firewall allows
> > intruders to execute arbitrary code
> [ ... ]
> > Network Associates, Inc.
> >
> >   PGP Security has published a security advisory describing this
> >   vulnerability as well as patches. This is available from
> >
> >          http://www.pgp.com/support/product-advisories/csmap.asp
> >          http://www.pgp.com/naicommon/download/upgrade/upgrades-patch.asp
>
> So, does anyone know whether this thoroughly useless advisory
> affects those who are running smap/smapd from the TIS FWTK days?
> Or is the overflow a newly introduced feature?

I was able to find the following information, which may be of some use to 
you Steve.

http://www.fwtk.org/fwtk/docs/documentation.html#1.3

"The Gauntlet Internet Firewall and the TIS Internet Firewall Toolkit do 
not share the same code base for anything, typically, and haven't since 
version 1.0. (There may be a proxy or two that is identical in cases where 
TIS decided to just give the code away to the FWTK users."

Best Regards,
Ian

Ian Finlay
Internet Systems Security Analyst - CERT/CC Operations
Networked Systems Survivability Program
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CERT (R) Coordination Center             Email: cert () cert org
Software Engineering Institute           WWW: http://www.cert.org
Carnegie Mellon University               Hotline: +1-412-268-7090
Pittsburgh, PA  USA  15213-3890          FAX: +1-412-268-6989
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=