Bugtraq mailing list archives
Gauntlet CyberPatrol Buffer Overflow
From: lfcrob () AI ORG (Rob Lindenbusch)
Date: Mon, 22 May 2000 11:36:05 -0500
This was posted to the Guantlet User list this morning. The claim is that there is no exploit "in the wild" and that the only holders of the code are NAI and Garrison Tech, and they don't plan to release it. Of course, nobody else will figure it out, right? Nice to have a buffer overflow in a firewall in any case. -- Rob Lindenbusch Lead Systems Administrator Access Indiana Information Network E-mail: lfcrob () ai org Phone: (317)233-2378 URL: http://www.state.in.us/ <STRONG>attached mail follows:</STRONG><HR NOSHADE><P> Folks, We have released patches to deal with a security issue with the products mentioned in the Subject line. The full advisory is available from http://www.tis.com/support/cyberadvisory.html Patches are available from http://www.tis.com/support/patchpage.html -- the patch you need is cyber.patch for whatever version you are currently running. There is no released patch for Gauntlet 4.1, however if you refer to the advisory you can implement the workaround detailed in that advisory. If you have questions, feel free to direct them my way. Thanks, M (in official sort of capacity) -- Principal Network Security Engineer Gauntlet Technical Support
Current thread:
- Gauntlet CyberPatrol Buffer Overflow Rob Lindenbusch (May 22)