Remote Information Disclosure in Symantec Firewall and VPN Appliances
CVE-2004-1473

Currently unrated

Key Information:

Vendor: Symantec
Status: Gateway Security 360; Firewall Vpn Appliance 200; Nexland Wavebase Firewall Appliance; Gateway Security 320
Vendor: CVE Published:; 31 December 2004

Summary

Certain Symantec Enterprise Firewall and VPN appliances are vulnerable to remote information disclosure. Attackers can exploit this vulnerability by performing a UDP port scan using a source port of UDP 53, which allows them to bypass filtering mechanisms. This enables unauthorized users to discover whether the devices are actively running services such as tftpd, snmpd, or isakmp, exposing them to further targeted attacks. It is crucial for organizations using the affected versions to implement necessary security measures to mitigate risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17470

vdb-entryx_refsource_XF

http://secunia.com/advisories/12635

third-party-advisoryx_refsource_SECUNIA

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Feb 13, 2005
Vulnerability published
Dec 31, 2004