[SA13671] Symantec Nexland Firewall Appliances Three Vulnerabilities

2005-01-02T00:00:00
ID SECURITYVULNS:DOC:7482
Type securityvulns
Reporter Securityvulns
Modified 2005-01-02T00:00:00

Description

TITLE: Symantec Nexland Firewall Appliances Three Vulnerabilities

SECUNIA ADVISORY ID: SA13671

VERIFY ADVISORY: http://secunia.com/advisories/13671/

CRITICAL: Highly critical

IMPACT: Security Bypass, Manipulation of data, DoS

WHERE: >From remote

OPERATING SYSTEM: Symantec Nexland Firewall Appliances 1.x http://secunia.com/product/4466/

DESCRIPTION: Symantec has acknowledged three vulnerabilities in the Nexland Firewall Appliances, which can be exploited by malicious people to cause a DoS (Denial of Service), identify active services, and manipulate the firewall configuration.

For more information: SA12635

The vulnerabilities affect the following products: * Nexland ISB SOHO Firewall Appliance(firmware builds prior to build 16U) * Nexland Pro100, Pro400 Firewall Appliances (firmware builds prior to build 16U) * Nexland Pro800, Pro800turbo Firewall Appliances (firmware builds prior to build 16U) * Nexland WaveBase Firewall Appliances (firmware builds prior to build 16U)

SOLUTION: Update to firmware build 16U. http://www.symantec.com/techsupp/

PROVIDED AND/OR DISCOVERED BY: Reported by vendor.

ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html ftp://ftp.symantec.com/public/english_us_canada/products/nexland/firmware/pro400_16u/readme.rtf

OTHER REFERENCES: SA12635: http://secunia.com/advisories/12635/


About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.