CVE-2002-1937

Currently unrated

Key Information:

Vendor: Symantec
Status: Firewall Vpn Appliance 200; Firewall Vpn Appliance 200r; Firewall Vpn Appliance 100
Vendor: CVE Published:; 31 December 2002

Summary

Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.

References

http://archives.neohapsis.com/archives/bugtraq/2002-10/03...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/10442.php

vdb-entryx_refsource_XF

http://archives.neohapsis.com/archives/bugtraq/2002-10/03...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002