CVE-2006-2341

Currently unrated

Key Information:

Vendor: Symantec
Status: Enterprise Firewall; Gateway Security
Vendor: CVE Published:; 12 May 2006

Summary

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.

References

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/26370

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/17936

vdb-entryx_refsource_BID

Timeline

Vulnerability published
May 12, 2006
Vulnerability Reserved
May 11, 2006