RSS   Vulnerabilities for 'Gateway security'   RSS

2006-09-05
 
CVE-2006-4562

CWE-Other
 

 
** DISPUTED ** The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface.

 
2006-05-11
 
CVE-2006-2341

CWE-200
 

 
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.

 
2005-02-08
 
CVE-2005-0249

CWE-Other
 

 
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

 
2004-06-15
 
CVE-2004-1754

 

 
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.

 
2004-12-31
 
CVE-2004-1472

 

 
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.

 
2003-06-09
 
CVE-2002-1463

 

 
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.

 
2002-10-28
 
CVE-2002-0990

 

 
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.

 
2002-07-03
 
CVE-2002-0538

 

 
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.

 

 >>> Vendor: Symantec 241 Products
JAVA
Mail-gear
Raptor firewall
Norton antivirus
Pcanywhere
Norton utilities
I-gear
Liveupdate
Norton ghost
Enterprise firewall
Velociraptor
Gateway security
Norton internet security
Norton personal firewall
Backup exec
Firewall vpn appliance 100
Firewall vpn appliance 200
Firewall vpn appliance 200r
Sygate personal firewall
Security check
Norton system works
Windows liveupdate
VXFS
Proxysg
Clientless vpn gateway 4400
Gateway security 5400
Antivirus scan engine
Norton antispam
Gateway security 5300
Client firewall
Client security
Brightmail antispam
Nexland isb soho firewall appliance
Nexland pro100 firewall appliance
Nexland pro400 firewall appliance
Nexland pro800 firewall appliance
Nexland pro800turbo firewall appliance
Nexland wavebase firewall appliance
Gateway security 320
Gateway security 360
Gateway security 360r
On command ccm
On icommand
Security check virus detection
Powerquest deploycenter
Web security
Mail security
Sav filter domino nt ports
Sav filter for domino nt
Gateway security 460
Symav filter domino nt
Deployment solution
Reporter
Netbackup enterprise server
Netbackup server
Antivirus scan engine for network attached storage
Antivirus
Discovery
On command discovery
Gateway security 300
Gateway security 400
Gateway security 5000 series
Gateway security 5100
Gateway security 5310
Sygate management server
Ghost solutions suite
Security information manager
On-demand agent
On-demand protection
Enterprise security manager
Host ids
Scan engine
Veritas netbackup client
Veritas netbackup enterprise server
Veritas netbackup server
Naveng driver
Navex15 driver
Sygate network access control
Network access control
Automated support assistant
Livestate agent for windows
Symantec antivirus filtering +for domino
Mail security 8820 appliance
Veritas volume replicator
Norton 360
Veritas storage foundation
Backupexec system recovery
Livestate recovery
Norton save and recovery
Reporting server
Veritas backup exec
Altiris deployment solution
Mail security appliance
Backup exec for windows server
Symantec antivirus clearswift
Symantec antivirus filtering domino mpe
Symantec antivirus messaging
Symantec antivirus microsoft sharepoint
Symantec antivirus ms isa
Symantec antivirus network attached storage
See all Products for Vendor Symantec


Copyright 2024, cxsecurity.com

 

Back to Top