HTTP Proxy Disclosure in Symantec Gateway Security and Enterprise Firewall
CVE-2006-2341

Currently unrated

Key Information:

Vendor

Symantec
Status
Enterprise Firewall
Gateway Security
Vendor
CVE Published:
12 May 2006

What is CVE-2006-2341?

The HTTP proxy in certain versions of Symantec Gateway Security 5000 Series and Enterprise Firewall, when using Network Address Translation (NAT), is vulnerable to attacks that can reveal internal IP addresses. This vulnerability arises when attackers send malformed HTTP requests, which exploit the proxy's inability to properly handle specific request formats. This flaw can potentially allow unauthorized individuals to gain insight into the network's internal structure, posing a serious risk to the integrity and confidentiality of the affected environment. Users of these products should take immediate steps to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securityresponse.symantec.com/avcenter/security/Co...
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/26370
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/17936
vdb-entryx_refsource_BID

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.