SMTP Proxy Vulnerability in Symantec Enterprise Firewall
CVE-2002-0309

Currently unrated

Key Information:

Vendor: Symantec
Status: Enterprise Firewall
Vendor: CVE Published:; 31 May 2002

Summary

The SMTP proxy within the Symantec Enterprise Firewall version 6.5.x inadvertently discloses the firewall's physical interface name and address during SMTP protocol exchanges when Network Address Translation (NAT) is involved. This leakage of firewall configuration details could potentially enable remote attackers to deduce sensitive information about the firewall's infrastructure, increasing the risk of tailored attacks against the network.

References

http://marc.info/?l=bugtraq&m=101424307617060&w=2

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/8251.php

vdb-entryx_refsource_XF

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 31, 2002
Vulnerability Reserved
May 1, 2002