21 matches found
EUVD-2002-1916
Malware in sbrugna...
EUVD-2004-1466
Malware in sbrugna...
CVE-2002-1937
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password...
CVE-2005-0618
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network...
[SA14428] Symantec Firewall Devices SMTP Binding Configuration Bypass
---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...
CVE-2004-1474
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file...
CVE-2004-1472
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service device freeze via a fast UDP port scan on the WAN interface...
CVE-2004-1473
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP...
CVE-2004-0190
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges...
[Full-Disclosure] EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption
Symantec Multiple Firewall NBNS Response Remote Heap Corruption Release Date: May 12, 2004 Date Reported: April 19, 2004 Severity: High Remote Kernel Code Execution Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec Norton...
[Full-Disclosure] EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service
Symantec Multiple Firewall DNS Response Denial-of-Service Release Date: May 12, 2004 Date Reported: April 19, 2004 Severity: High Remote Denial of Service Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2002 Symantec Norton Internet Security 2003 Symantec Norton Internet...
Multiple Symantec firewall products fail to properly process DNS response packets
Overview There is a vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service DNS response packet could allow an unauthenticated, remote attacker to cause a denial of service condition. Description Symantec offers a suite of corporat...
Multiple Symantec firewall products contain a buffer overflow in the processing of DNS resource records
Overview There is a buffer overflow vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted Domain Name Service DNS packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges. Description Symantec offers a...
Symantec Firewall Malformed TCP Packet Options Remote DoS
The remote system appears vulnerable to an invalid Options field within a TCP packet. At least one vendor firewall Symantec has been reported prone to such a bug. An attacker, utilizing this flaw, would be able to remotely shut down the remote firewall stopping all network-based transactions by...
EEYE: Symantec Multiple Firewall TCP Options Denial of Service
Symantec Multiple Firewall TCP Options Denial of Service Release Date: April 23, 2004 Date Reported: March 9th, 2004 Severity: High Remote Denial of Service Vendor: Symantec Systems Affected: Symantec Norton Internet Security 2003 Symantec Norton Internet Security 2004 Symantec Norton Internet...
RE: [Full-Disclosure] EEYE: Symantec Multiple Firewall TCP Options Denial of Service
On 04/23/2004: eEye Digital Security posted: eE"Derek Soeder" [email protected] Sent by: [email protected] 04/23/2004 01:36 PM Symantec Multiple Firewall TCP Options Denial of Service Release Date: April 23, 2004 Date Reported: March 9th, 2004 Severity: High Remote Denial of...
CVE-2004-0190
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges...
CVE-2002-1937
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password...
CVE-2002-2294
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service service termination via 1 malformed RealAudio rad packets...
CVE-2002-0990
The web proxy component in Symantec Enterprise Firewall SEF 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service connection resource exhaustion via multiple connection requests to domains whose DNS server...