TITLE: Symantec Nexland Firewall Appliances Three Vulnerabilities
SECUNIA ADVISORY ID: SA13671
VERIFY ADVISORY: http://secunia.com/advisories/13671/
CRITICAL: Highly critical
IMPACT: Security Bypass, Manipulation of data, DoS
WHERE: >From remote
OPERATING SYSTEM: Symantec Nexland Firewall Appliances 1.x http://secunia.com/product/4466/
DESCRIPTION: Symantec has acknowledged three vulnerabilities in the Nexland Firewall Appliances, which can be exploited by malicious people to cause a DoS (Denial of Service), identify active services, and manipulate the firewall configuration.
For more information: SA12635
The vulnerabilities affect the following products: * Nexland ISB SOHO Firewall Appliance(firmware builds prior to build 16U) * Nexland Pro100, Pro400 Firewall Appliances (firmware builds prior to build 16U) * Nexland Pro800, Pro800turbo Firewall Appliances (firmware builds prior to build 16U) * Nexland WaveBase Firewall Appliances (firmware builds prior to build 16U)
SOLUTION: Update to firmware build 16U. http://www.symantec.com/techsupp/
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html ftp://ftp.symantec.com/public/english_us_canada/products/nexland/firmware/pro400_16u/readme.rtf
OTHER REFERENCES: SA12635: http://secunia.com/advisories/12635/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.