ad info

 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
 
 

 
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)

MARKETS
4:30pm ET, 4/16
144.70
8257.60
3.71
1394.72
10.90
879.91
 


WORLD

U.S.

POLITICS

LAW

ENTERTAINMENT

HEALTH

TRAVEL

FOOD

ARTS & STYLE



(MORE HEADLINES)
*
 
CNN Websites
Networks image


Security hole found in Network Associates firewall

InfoWorld
 
  MESSAGE BOARD
 

June 2, 2000
Web posted at: 10:30 a.m. EDT (1430 GMT)

(IDG) -- Unix users of Network Associates' Gauntlet firewall software are being advised to install a patch to protect their networks from possible attacks.

The security hole, discovered about 10 days ago, occurs when Gauntlet is used with Mattel's Cyber Patrol software, according to Network Associates. The combination of the two applications causes a "buffer overflow vulnerability," which creates an entryway for cyberattacks on the network, the company said in its advisory.

The software patch to close the security hole was released May 22 by Network Associates and is available for downloading on the company's Web site. The patch supports Gauntlet for Unix Versions 4.2, 5.0, and 5.5. The patch also should be applied to Network Associates' WebShield 100 and 300 series products, which are combined hardware/software bundles that include the Gauntlet firewall. Users of Gauntlet for Unix 4.1 are being advised that a patch is not available for their software. Instead, Version 4.1 users have to apply a manual workaround procedure outlined on the Network Associates Web site.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  InfoWorld home page
  Holes found in Cisco firewalls

The Cyber Patrol software is installed by default as part of the Gauntlet package, then is disabled after 30 days, according to SecurityFocus.com, a Web-based security clearinghouse that also reported the security hole. The security breaches are only possible within that 30-day window, the SecurityFocus.com report said.




RELATED STORIES:
Senate eyes Guard for info security
June 1, 2000
Top 10 security utilities
May 22, 2000
Intel standard aims to tighten notebook security
May 15, 2000
Win 2000 at center of security storm
May 10, 2000
Microsoft issues fixes for Win2000 security holes
February 1, 2000

RELATED IDG.net STORIES:
Building your firewall
Sunworld
Holes found in Cisco firewalls
Network World Fusion
Network Associates to break into smaller units
Infoworld
6 firewalls compared
Network World Fusion
Securing your DSL against hackers
Network World Fusion
All-in-one security device
Network World Fusion
A firewall for phone-lines
Infoworld
Check Point launches security 'appliance' initiative
Network World Fusion

RELATED SITES:
Network Associates
Cisco Systems
SecureLogix
Checkpoint Software

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

 Search   

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.