cvelistv5 - cve-2001-1456

CVE-2001-1456 (GCVE-0-2001-1456)

Vulnerability from cvelistv5 – Published: 2005-04-21 04:00 – Updated: 2024-08-08 04:58

Summary

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.cert.org/advisories/CA-2001-25.html	third-party-advisoryx_refsource_CERT
	http://www.kb.cert.org/vuls/id/206723	third-party-advisoryx_refsource_CERT-VN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/3290	vdb-entryx_refsource_BID
	ftp://patches.sgi.com/support/free/security/advis…	vendor-advisoryx_refsource_SGI

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:58:11.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CA-2001-25",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2001-25.html"
          },
          {
            "name": "VU#206723",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/206723"
          },
          {
            "name": "gauntlet-csmap-bo(7088)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
          },
          {
            "name": "3290",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3290"
          },
          {
            "name": "20011104-01-I",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-09-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CA-2001-25",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2001-25.html"
        },
        {
          "name": "VU#206723",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/206723"
        },
        {
          "name": "gauntlet-csmap-bo(7088)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
        },
        {
          "name": "3290",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3290"
        },
        {
          "name": "20011104-01-I",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1456",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CA-2001-25",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2001-25.html"
            },
            {
              "name": "VU#206723",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/206723"
            },
            {
              "name": "gauntlet-csmap-bo(7088)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
            },
            {
              "name": "3290",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3290"
            },
            {
              "name": "20011104-01-I",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1456",
    "datePublished": "2005-04-21T04:00:00",
    "dateReserved": "2005-04-21T00:00:00",
    "dateUpdated": "2024-08-08T04:58:11.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mcafee:webshield_smtp:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DB55CC6-B578-4D2C-8AD8-3913DF079A1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mcafee:webshield_smtp:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABCB467C-524E-4365-9805-170B7CF5C109\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:network_associates:gauntlet_firewall:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"342EA025-24C8-440F-9D63-B6808198C444\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C124496E-66B9-4D3B-B503-D581DD682AE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"731DA8F0-EE5F-4002-A26C-D6C19CC22647\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:network_associates:gauntlet_firewall:unix_6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E3C4FFE-CF16-4753-8D1E-7B39212BA999\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:pgp:e-ppliance_300:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ED73199-35D9-41B2-967B-4F1005760A50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:pgp:e-ppliance_300:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"892C2AA4-AC22-499F-8352-910142836135\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:pgp:e-ppliance_300:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F596836C-32B7-4BEE-99F1-161A82E35EA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2D59247-56FA-46B4-BB51-2DAE71AFC145\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:network_associates:mcafee_e-ppliance:100_series:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B1CD2D8-D04B-4D21-B7FF-059007DEC0B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:network_associates:mcafee_e-ppliance:120_series:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82D3B1B4-4D4A-4208-BF38-DD7C9F4BA48C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.\"}]",
      "id": "CVE-2001-1456",
      "lastModified": "2024-11-20T23:37:44.267",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2001-09-04T04:00:00.000",
      "references": "[{\"url\": \"ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.cert.org/advisories/CA-2001-25.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/206723\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/3290\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/7088\", \"source\": \"cve@mitre.org\"}, {\"url\": \"ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.cert.org/advisories/CA-2001-25.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/206723\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"US Government Resource\"]}, {\"url\": \"http://www.securityfocus.com/bid/3290\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/7088\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2001-1456\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2001-09-04T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:webshield_smtp:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DB55CC6-B578-4D2C-8AD8-3913DF079A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:webshield_smtp:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABCB467C-524E-4365-9805-170B7CF5C109\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:network_associates:gauntlet_firewall:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"342EA025-24C8-440F-9D63-B6808198C444\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C124496E-66B9-4D3B-B503-D581DD682AE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"731DA8F0-EE5F-4002-A26C-D6C19CC22647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:network_associates:gauntlet_firewall:unix_6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3C4FFE-CF16-4753-8D1E-7B39212BA999\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:pgp:e-ppliance_300:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ED73199-35D9-41B2-967B-4F1005760A50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:pgp:e-ppliance_300:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"892C2AA4-AC22-499F-8352-910142836135\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:pgp:e-ppliance_300:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F596836C-32B7-4BEE-99F1-161A82E35EA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2D59247-56FA-46B4-BB51-2DAE71AFC145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:network_associates:mcafee_e-ppliance:100_series:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B1CD2D8-D04B-4D21-B7FF-059007DEC0B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:network_associates:mcafee_e-ppliance:120_series:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82D3B1B4-4D4A-4208-BF38-DD7C9F4BA48C\"}]}]}],\"references\":[{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cert.org/advisories/CA-2001-25.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/206723\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/3290\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/7088\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.cert.org/advisories/CA-2001-25.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/206723\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/3290\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/7088\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2001-1456

Vulnerability from fkie_nvd - Published: 2001-09-04 04:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

References

URL	Tags
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I	Patch
cve@mitre.org	http://www.cert.org/advisories/CA-2001-25.html	US Government Resource
cve@mitre.org	http://www.kb.cert.org/vuls/id/206723	Patch, US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/3290
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/7088
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2001-25.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/206723	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3290
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/7088

Impacted products

Vendor	Product	Version
mcafee	webshield_smtp	4.0
mcafee	webshield_smtp	4.1
network_associates	gauntlet_firewall	4.2
network_associates	gauntlet_firewall	unix_5.0
network_associates	gauntlet_firewall	unix_5.5
network_associates	gauntlet_firewall	unix_6.0
pgp	e-ppliance_300	1.0
pgp	e-ppliance_300	1.5
pgp	e-ppliance_300	2.0
sgi	irix	6.2
sgi	irix	6.3
sgi	irix	6.4
sgi	irix	6.5
network_associates	mcafee_e-ppliance	100_series
network_associates	mcafee_e-ppliance	120_series

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mcafee:webshield_smtp:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DB55CC6-B578-4D2C-8AD8-3913DF079A1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:webshield_smtp:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABCB467C-524E-4365-9805-170B7CF5C109",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:network_associates:gauntlet_firewall:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "342EA025-24C8-440F-9D63-B6808198C444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C124496E-66B9-4D3B-B503-D581DD682AE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "731DA8F0-EE5F-4002-A26C-D6C19CC22647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E3C4FFE-CF16-4753-8D1E-7B39212BA999",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:pgp:e-ppliance_300:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ED73199-35D9-41B2-967B-4F1005760A50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:pgp:e-ppliance_300:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "892C2AA4-AC22-499F-8352-910142836135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:pgp:e-ppliance_300:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F596836C-32B7-4BEE-99F1-161A82E35EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:network_associates:mcafee_e-ppliance:100_series:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1CD2D8-D04B-4D21-B7FF-059007DEC0B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:network_associates:mcafee_e-ppliance:120_series:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D3B1B4-4D4A-4208-BF38-DD7C9F4BA48C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
    }
  ],
  "id": "CVE-2001-1456",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-09-04T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2001-25.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/206723"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/3290"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2001-25.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/206723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/3290"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-J39F-8652-4CGJ

Vulnerability from github – Published: 2022-05-03 03:07 – Updated: 2022-05-03 03:07

Details

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2001-1456"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2001-09-04T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.",
  "id": "GHSA-j39f-8652-4cgj",
  "modified": "2022-05-03T03:07:17Z",
  "published": "2022-05-03T03:07:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2001-1456"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
    },
    {
      "type": "WEB",
      "url": "http://www.cert.org/advisories/CA-2001-25.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/206723"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/3290"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2001-1456

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

Aliases

CVE-2001-1456

Aliases

CVE-2001-1456

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2001-1456",
    "description": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.",
    "id": "GSD-2001-1456"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2001-1456"
      ],
      "details": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.",
      "id": "GSD-2001-1456",
      "modified": "2023-12-13T01:19:02.508397Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2001-1456",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "CA-2001-25",
            "refsource": "CERT",
            "url": "http://www.cert.org/advisories/CA-2001-25.html"
          },
          {
            "name": "VU#206723",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/206723"
          },
          {
            "name": "gauntlet-csmap-bo(7088)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
          },
          {
            "name": "3290",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/3290"
          },
          {
            "name": "20011104-01-I",
            "refsource": "SGI",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:webshield_smtp:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:webshield_smtp:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:pgp:e-ppliance_300:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:pgp:e-ppliance_300:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:pgp:e-ppliance_300:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:network_associates:mcafee_e-ppliance:100_series:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:network_associates:mcafee_e-ppliance:120_series:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1456"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20011104-01-I",
              "refsource": "SGI",
              "tags": [
                "Patch"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
            },
            {
              "name": "CA-2001-25",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.cert.org/advisories/CA-2001-25.html"
            },
            {
              "name": "VU#206723",
              "refsource": "CERT-VN",
              "tags": [
                "Patch",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/206723"
            },
            {
              "name": "3290",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/3290"
            },
            {
              "name": "gauntlet-csmap-bo(7088)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-11T01:29Z",
      "publishedDate": "2001-09-04T04:00Z"
    }
  }
}

VAR-200109-0126

Vulnerability from variot - Updated: 2023-12-18 13:05

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. A remotely exploitable buffer overflow exists in the Gauntlet Firewall. A boundary condition error exists in the smap/smapd and CSMAPD daemons, shipped with several popular Network Associates products. The smap/smapd and CSMAP daemons are proxy servers used to handle e-mail transactions for both inbound and outbound e-mail. By successfully exploiting this condition, an attacker may be able to cause arbitrary code/commands to be executed on a vulnerable system with the privileges of the attacked daemon. Additional technical details are currently unknown. Some versions of SGI IRIX shipped with the Gauntlet Firewall package, and in the past it was a supported SGI product. While it is no longer being supported, SGI IRIX versions 6.5.2, 6.5.3, 6.5.4 and 6.5.5 may be prone to this issue

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200109-0126",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mcafee e-ppliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "network associates",
        "version": "120_series"
      },
      {
        "model": "irix",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "6.5"
      },
      {
        "model": "irix",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "6.4"
      },
      {
        "model": "irix",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "6.3"
      },
      {
        "model": "irix",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "6.2"
      },
      {
        "model": "e-ppliance 300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pgp",
        "version": "1.0"
      },
      {
        "model": "mcafee e-ppliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "network associates",
        "version": "100_series"
      },
      {
        "model": "webshield smtp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "4.1"
      },
      {
        "model": "gauntlet firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "network associates",
        "version": "unix_6.0"
      },
      {
        "model": "e-ppliance 300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pgp",
        "version": "2.0"
      },
      {
        "model": "gauntlet firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "network associates",
        "version": "unix_5.5"
      },
      {
        "model": "gauntlet firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "network associates",
        "version": "4.2"
      },
      {
        "model": "webshield smtp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "4.0"
      },
      {
        "model": "gauntlet firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "network associates",
        "version": "unix_5.0"
      },
      {
        "model": "e-ppliance 300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pgp",
        "version": "1.5"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "pgp",
        "version": null
      },
      {
        "model": "pgp e-ppliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "securecomputing",
        "version": "3002.0"
      },
      {
        "model": "pgp e-ppliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "securecomputing",
        "version": "3001.5"
      },
      {
        "model": "pgp e-ppliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "securecomputing",
        "version": "3001.0"
      },
      {
        "model": "associates pgp e-ppliance series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "3002.0"
      },
      {
        "model": "associates pgp e-ppliance series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "3001.5"
      },
      {
        "model": "associates pgp e-ppliance series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "3001.0"
      },
      {
        "model": "associates gauntlet firewall for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "6.0"
      },
      {
        "model": "associates gauntlet firewall for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "5.5"
      },
      {
        "model": "associates gauntlet firewall for unix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "5.0"
      },
      {
        "model": "associates gauntlet firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "network",
        "version": "4.2"
      },
      {
        "model": "webshield for solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "db": "BID",
        "id": "3290"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:webshield_smtp:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:webshield_smtp:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:pgp:e-ppliance_300:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:network_associates:gauntlet_firewall:unix_6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:pgp:e-ppliance_300:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:pgp:e-ppliance_300:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:network_associates:mcafee_e-ppliance:100_series:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:network_associates:mcafee_e-ppliance:120_series:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovered by Jim Stickley of Garrison Technologies and published in a PGP Security Advisory on September 4, 2001.",
    "sources": [
      {
        "db": "BID",
        "id": "3290"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2001-1456",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-4260",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2001-1456",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#206723",
            "trust": 0.8,
            "value": "50.63"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200109-005",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-4260",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. A remotely exploitable buffer overflow exists in the Gauntlet Firewall. A boundary condition error exists in the smap/smapd and CSMAPD daemons, shipped with several popular Network Associates products.  The smap/smapd and CSMAP daemons are proxy servers used to handle e-mail transactions for both inbound and outbound e-mail. \nBy successfully exploiting this condition, an attacker may be able to cause arbitrary code/commands to be executed on a vulnerable system with the privileges of the attacked daemon. \nAdditional technical details are currently unknown. \nSome versions of SGI IRIX shipped with the Gauntlet Firewall package, and in the past it was a supported SGI product. While it is no longer being supported, SGI IRIX versions 6.5.2, 6.5.3, 6.5.4 and 6.5.5 may be prone to this issue",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "db": "BID",
        "id": "3290"
      },
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#206723",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "3290",
        "trust": 2.0
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456",
        "trust": 2.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005",
        "trust": 0.7
      },
      {
        "db": "SGI",
        "id": "20011104-01-I",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "CA-2001-25",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "7088",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-4260",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "db": "BID",
        "id": "3290"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "id": "VAR-200109-0126",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:05:39.848000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/3290"
      },
      {
        "trust": 1.7,
        "url": "http://www.cert.org/advisories/ca-2001-25.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.kb.cert.org/vuls/id/206723"
      },
      {
        "trust": 1.7,
        "url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-i"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
      },
      {
        "trust": 0.8,
        "url": "about vulnerability notes"
      },
      {
        "trust": 0.8,
        "url": "contact us about this vulnerability"
      },
      {
        "trust": 0.8,
        "url": "provide a vendor statement"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/7088"
      },
      {
        "trust": 0.3,
        "url": "http://www.pgp.com/support/product-advisories/csmap.asp"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "db": "BID",
        "id": "3290"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "db": "BID",
        "id": "3290"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-09-06T00:00:00",
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "date": "2001-09-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "date": "2001-09-04T00:00:00",
        "db": "BID",
        "id": "3290"
      },
      {
        "date": "2001-09-04T04:00:00",
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "date": "2001-09-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-09-06T00:00:00",
        "db": "CERT/CC",
        "id": "VU#206723"
      },
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-4260"
      },
      {
        "date": "2015-03-19T09:07:00",
        "db": "BID",
        "id": "3290"
      },
      {
        "date": "2017-07-11T01:29:08.197000",
        "db": "NVD",
        "id": "CVE-2001-1456"
      },
      {
        "date": "2006-09-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#206723"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200109-005"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2001-1456 (GCVE-0-2001-1456)

FKIE_CVE-2001-1456

GHSA-J39F-8652-4CGJ

GSD-2001-1456

VAR-200109-0126

Tags

Sightings

Nomenclature