Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SymantecEnterprise Firewall

15 matches found

CVE
CVEadded 2005/05/02 4:0 a.m.107 views

CVE-2005-0817

Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.

5CVSS6.6AI score0.00742EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.103 views

CVE-2002-1463

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.

7.5CVSS7.5AI score0.09679EPSS
CVE
CVEadded 2005/03/01 5:0 a.m.60 views

CVE-2004-1029

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using ...

9.3CVSS7.3AI score0.42558EPSS
CVE
CVEadded 2005/04/14 4:0 a.m.48 views

CVE-2004-0369

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.

7.5CVSS7.9AI score0.08501EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.46 views

CVE-2002-0302

The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.

5CVSS7AI score0.00707EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.43 views

CVE-2002-0538

FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.

7.5CVSS7.1AI score0.01336EPSS
CVE
CVEadded 2007/10/18 10:0 a.m.43 views

CVE-2002-2294

Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packe...

5CVSS7.4AI score0.01171EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.43 views

CVE-2003-0106

The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.

7.5CVSS6.6AI score0.00749EPSS
CVE
CVEadded 2004/09/01 4:0 a.m.41 views

CVE-2002-0990

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS serv...

5CVSS7.2AI score0.00821EPSS
CVE
CVEadded 2005/11/23 12:3 a.m.41 views

CVE-2005-3768

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafte...

7.5CVSS8AI score0.04EPSS
CVE
CVEadded 2003/03/31 5:0 a.m.38 views

CVE-2002-1535

Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.

5CVSS7AI score0.00822EPSS
CVE
CVEadded 2006/05/12 1:2 a.m.38 views

CVE-2006-2341

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.

5CVSS6.7AI score0.08868EPSS
CVE
CVEadded 2007/08/18 9:17 p.m.36 views

CVE-2007-4422

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.

9.3CVSS6.9AI score0.02237EPSS
CVE
CVEadded 2005/03/09 5:0 a.m.35 views

CVE-2004-1754

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.

5CVSS6.7AI score0.04443EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.33 views

CVE-2002-0309

SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration informat...

5CVSS6.8AI score0.00861EPSS