FTP Proxy Vulnerability in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0
CVE-2002-0538

Currently unrated

Key Information:

Vendor: Symantec
Status: Velociraptor; Enterprise Firewall; Raptor Firewall
Vendor: CVE Published:; 3 July 2002

Summary

The FTP proxy in Symantec Raptor Firewall versions 6.5.3 and 7.0 contains a vulnerability that modifies the 'FTP PORT' responses from an FTP server. This flaw enables remote attackers to redirect FTP data connections to arbitrary ports, effectively making it a variant of the FTP bounce vulnerability. This issue could potentially allow unauthorized access to sensitive systems through misconfigured firewall settings.

References

http://www.securityfocus.com/bid/4522

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/bugtraq/2002-04/01...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/8847.php

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 7, 2002