Remote Information Disclosure in Symantec Firewall and VPN Appliances
CVE-2004-1473

Currently unrated

Key Information:

Vendor

Symantec
Status
Gateway Security 360
Firewall Vpn Appliance 200
Nexland Wavebase Firewall Appliance
Gateway Security 320
Vendor
CVE Published:
31 December 2004

What is CVE-2004-1473?

Certain Symantec Enterprise Firewall and VPN appliances are vulnerable to remote information disclosure. Attackers can exploit this vulnerability by performing a UDP port scan using a source port of UDP 53, which allows them to bypass filtering mechanisms. This enables unauthorized users to discover whether the devices are actively running services such as tftpd, snmpd, or isakmp, exposing them to further targeted attacks. It is crucial for organizations using the affected versions to implement necessary security measures to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17470
vdb-entryx_refsource_XF
http://secunia.com/advisories/12635
third-party-advisoryx_refsource_SECUNIA
http://securityresponse.symantec.com/avcenter/security/Co...
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.