Symantec Clientless VPN Gateway ActiveX File Browser Mixed Login Share Credential Issue

2004-08-10T05:25:51
ID OSVDB:8507
Type osvdb
Reporter OSVDB
Modified 2004-08-10T05:25:51

Description

Vulnerability Description

Symantec Clientless VPN Gateway contains a flaw related to the ActiveX file browser that may allow an attacker to gain unauthenticated access to shares that allow both anonymous and user logins. No further details have been provided.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec Corporation has released a hotfix v.SCVG5-20040806-00 to address this vulnerability.

Short Description

Symantec Clientless VPN Gateway contains a flaw related to the ActiveX file browser that may allow an attacker to gain unauthenticated access to shares that allow both anonymous and user logins. No further details have been provided.

References:

Vendor URL: http://www.symantec.com/ Secunia Advisory ID:12254 Related OSVDB ID: 8510 Related OSVDB ID: 8512 Related OSVDB ID: 8508 Related OSVDB ID: 8509 Related OSVDB ID: 8511 Other Advisory URL: ftp://ftp.symantec.com/public/english_us_canada/products/sym_clientless_vpn/sym_clientless_vpn_5/updates/hf3-readme.txt CVE-2004-1483