EUVD-2006-2342

Malware in sbrugna...

Symantec企业防火墙用户名枚举漏洞

BUGTRAQ ID: 25338 Symantec Enterprise Firewall（SEP）是一个高性能防火墙解决方案，适用于WINDOWS和SOLARIS操作系统。 SEP在处理某种认证请求时存在漏洞，远程攻击者可能利用此漏洞暴力猜测有效的用户名。 如果对Symantec企业防火墙配置了使用预共享密钥（PSK）认证的远程访问（客户端到网关）VPN的话，就会对有效和无效用户名提供不同的响应。这就允许攻击者判断所猜测的用户名是否有效，但不会列出有效的用户名，仅可以确定所提供的用户名是否存在。 Symantec Enterprise Firewall 6.x 临时解决方法：...

CVE-2007-4422

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key PSK authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames...

CVE-2007-4422

CVE-2007-4422 affects Symantec Enterprise Firewall 6.x: the login interface used with a VPN using pre-shared key (PSK) authentication leaks information by returning different responses for valid vs invalid usernames, enabling remote username enumeration. The available connected documents confirm ...

How to use SSH tunnel through your enterprise firewall-vulnerability warning-the black bar safety net

Note: the translation into Chinese of the article in our law translators with a Chinese version of the copyright out of respect please reprint when the famous translation of the original's signature Thank you! In addition the article was trying to cast to the hacker X file on to a friend to do th...

Design/Logic Flaw

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI...

CVE-2006-2341

CVE-2006-2341 affects Symantec Gateway Security 5000 Series (versions 2.0.1 and 3.0) and Symantec Enterprise Firewall 8.0. When NAT is in use, the HTTP proxy can be abused by remote attackers to determine internal IP addresses by sending malformed HTTP requests—specifically a GET request with no ...

Symantec Enterprise Firewall NAT/HTTP Proxy internal IP leakage

SUMMARY An information leak has been discovered in the HTTP proxy of the Symantec Enterprise Firewall and Symantec Gateway Security products. In response to specific http requests, the firewall may reveal internal addresses otherwise hidden by Network Address Translation NAT. Severity Very Low...

Symantec Enterprise Firewall / Gateway Security - HTTP Proxy Internal IP Leakage

source: https://www.securityfocus.com/bid/17936/info Symantec Enterprise Firewall and Gateway Security products are prone to an information-disclosure weakness. The vendor has reported that the NAT/HTTP proxy component of the products may reveal the internal IP addresses of protected computers. A...

CVE-2005-3768

CVE-2005-3768 affects Symantec Dynamic VPN Services (Enterprise Firewall, Gateway Security, and Firewall/VPN Appliance) in the IKEv1 implementation. A buffer overflow in IKEv1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demo...

CVE-2005-0817

Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites...

CVE-2005-0817

CVE-2005-0817 affects Symantec Gateway products by a DNS proxy service (DNSD.exe) that caches DNS responses without proper verification, enabling DNS cache poisoning and potential site spoofing/Man-in-the-Middle. Affected products include DNS proxy/cache in Symantec Gateway Security 5400/5300, En...

CVE-2002-1463

CVE-2002-1463 describes a weakness where Symantec Raptor Firewall family devices (Raptor Firewall 6.5/6.5.3, Enterprise Firewall 6.5.2/7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, Gateway Security 5110/5200/5300) generate easily predictable initial sequence numbers (ISN), enabling remote sp...

EUVD-2002-1446

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers ISN, which allows remote attackers to spoof connections...

CVE-2002-1463

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers ISN, which allows remote attackers to spoof connections...

CVE-2002-0309

The CVE-2002-0309 entry describes a vulnerability in Symantec Enterprise Firewall (SEF) 6.5.x where the SMTP proxy leaks the firewall’s physical interface name and address in an SMTP protocol exchange when NAT translates to an address other than the firewall. This could allow remote attackers to ...

CVE-2003-0106

The CVE-2003-0106 entry concerns Symantec Enterprise Firewall (SEF) 7.0 HTTP proxy URL pattern matching that can be bypassed when requests are URL-encoded (escapes, Unicode, UTF-8). The issue allows proxy users to bypass blocked URL pattern matching, enabling access to URLs that should be blocked...

Checkpoint Firewall fails on CVP scanning for large files

Subject: Checkpoint Firewall fails on CVP scanning large files Affected: Check Point FireWall-1 NG Feature Pack 3 Vendor: Check Point Author: Igor U.Miturin [email protected] Date: February, 5 2003 Risk: Low Vendor Notified: Yes I. Intro Check Point FireWall-1 is enterprise firewall...