ARP Spoofing Vulnerability in Symantec Firewall/VPN Appliance
CVE-2002-1937

Currently unrated

Key Information:

Vendor: Symantec
Status: Firewall Vpn Appliance 200; Firewall Vpn Appliance 200r; Firewall Vpn Appliance 100
Vendor: CVE Published:; 31 December 2002

Summary

The Symantec Firewall/VPN Appliance versions 100 through 200R have a vulnerability where the administrator's MAC address is hardcoded in the configuration. This flaw allows remote attackers to impersonate the administrator by spoofing the hardcoded MAC address, enabling them to execute ARP poisoning attacks. As a consequence, attackers can intercept network traffic, perform man-in-the-middle attacks, and potentially gain unauthorized access to sensitive information, including the administrator's password.

References

http://archives.neohapsis.com/archives/bugtraq/2002-10/03...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/10442.php

vdb-entryx_refsource_XF

http://archives.neohapsis.com/archives/bugtraq/2002-10/03...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002