DNS Cache Poisoning Vulnerability in Symantec Gateway Security Products
CVE-2004-1754

Currently unrated

Key Information:

Vendor: Symantec
Status: Enterprise Firewall
Vendor: CVE Published:; 15 June 2004

Summary

A vulnerability in the DNS proxy (DNSd) of various Symantec Gateway Security products allows attackers to perform DNS cache poisoning. By sending a malicious DNS server query response that includes authoritative or additional records, remote attackers can manipulate the DNS cache. This could potentially redirect users to fraudulent sites, leading to data breaches and further exploitation. It is crucial for organizations using affected products to implement protective measures against this vulnerability.

References

http://lists.virus.org/bugtraq-0406/msg00234.html

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/10557

vdb-entryx_refsource_BID

http://secunia.com/advisories/11888

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Mar 9, 2005
Vulnerability published
Jun 15, 2004