NAI Gauntlet Firewall BSDI Patch Installation Remote ACL Bypass
Remote / Network Access
Loss of Integrity
Patch / RCS
Network Associates, Inc. (NAI) Gauntlet Firewall for BSDI Unix contains a flaw that may allow an attacker to bypass Access Control Lists (ACL). The issue occurs when a specific sequence of BSDI and Gauntlet related software is installed. This specific sequence causes the Firewall not to properly block traffic, allowing remote attackers to bypass any ACLs currently set up. Additionally, no activity will appear in the /var/log/messages log file to indicate a problem.
Currently, there are no known workarounds or upgrades to correct this issue. However, Network Associates has released a patch (kernel.BSDI.patch, patchlevel 3) to address this vulnerability.