Denial of Service (DoS) Vulnerability in Symantec Enterprise Firewall Appliances
CVE-2004-1472

Currently unrated

Key Information:

Vendor: Symantec
Status: Firewall Vpn Appliance 200; Nexland Wavebase Firewall Appliance; Gateway Security; Nexland Pro400 Firewall Appliance
Vendor: CVE Published:; 31 December 2004

Summary

A vulnerability in Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R, running firmware prior to version 1.63, allows remote attackers to exploit a flaw by performing a fast UDP port scan on the WAN interface. This can lead to a denial of service condition, causing the device to freeze and become unresponsive, thus affecting network operations and security protocols.

References

http://secunia.com/advisories/12635

third-party-advisoryx_refsource_SECUNIA

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=109588376426070&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 13, 2005
Vulnerability published
Dec 31, 2004