Vulnerabilites related to symantec - firewall_vpn_appliance_100
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*", matchCriteriaId: "5081F382-CC20-4C7B-A3F8-08FAF31012D9", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security:320:*:*:*:*:*:*:*", matchCriteriaId: "EFFC0BF4-56EE-414C-8D45-3D2ACCBDC03A", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security:360:*:*:*:*:*:*:*", matchCriteriaId: "6B786C20-6C40-4DBE-AC24-D8B8E98FD6F5", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security:360r:*:*:*:*:*:*:*", matchCriteriaId: "38F65C12-9866-423F-8E59-FE905FE79043", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "7EACDC99-3B80-47D8-8BC4-A21CA0BC234B", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "99238614-0234-4550-84FB-8B1C7B8CE1E6", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "380A5A63-588D-4427-A513-147841B3FB57", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "CF31AD20-099E-4323-AE18-40C52878454A", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "E9707BBB-8095-451D-80C7-BAC923BCB786", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "4D072C1C-FC87-4986-9320-EFD9F58F192C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.", }, ], id: "CVE-2004-1472", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/12635", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/441078", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/10204", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/11237", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/12635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/441078", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/10204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/11237", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-11-23 00:03
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | firewall_vpn_appliance_100 | * | |
| symantec | firewall_vpn_appliance_200 | * | |
| symantec | gateway_security_300 | 2.0 | |
| symantec | gateway_security_400 | 2.0 | |
| symantec | gateway_security_5000_series | 3.0 | |
| symantec | gateway_security_5100 | * | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5310 | 1.0 | |
| symantec | gateway_security_5400 | 2.0.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*", matchCriteriaId: "F66D6BB6-2355-4644-8A18-725F9E970EA2", vulnerable: true, }, { criteria: "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*", matchCriteriaId: "055150B1-5B11-48D1-932C-26C85DF44E07", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*", matchCriteriaId: "6F982965-056D-4253-9CEA-31424AF4B55F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*", matchCriteriaId: "4EF372CA-8FC2-47DD-A3A1-E437CC7D80CA", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*", matchCriteriaId: "2362A590-7443-4E50-8F8F-D89165B4F2C5", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*", matchCriteriaId: "F82B2D6F-EF56-4B62-9784-CF826AC480CD", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*", matchCriteriaId: "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*", matchCriteriaId: "77DA55C0-AD93-429D-AC52-E1E0F35C25D4", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.", }, ], id: "CVE-2005-3768", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-11-23T00:03:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/17684", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015247", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015248", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015249", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2005/2517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/17684", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/2517", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-03-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | firewall_vpn_appliance_100 | * | |
| symantec | firewall_vpn_appliance_200 | * | |
| symantec | firewall_vpn_appliance_200r | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*", matchCriteriaId: "5081F382-CC20-4C7B-A3F8-08FAF31012D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.", }, { lang: "es", value: "Symantec FireWall/VPN Appliance model 200 registra la contraseña de la página de administración en texto claro, que puede ser guardad en caché en el sistema local del administrador o en un proxy, lo que podría permitir a atacantes robar la contraseña y ganar privilegios.", }, ], id: "CVE-2004-0190", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-03-15T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=107694794031839&w=2", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/4117", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9784", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=107694794031839&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/4117", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.securityfocus.com/bid/9784", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*", matchCriteriaId: "5081F382-CC20-4C7B-A3F8-08FAF31012D9", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_320:*:*:*:*:*:*:*:*", matchCriteriaId: "391E553B-0A8C-4934-8B7C-DD6C0F9FF1A7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*", matchCriteriaId: "DEDE5E45-0984-4F8B-8FCE-52E0FBA3DEEC", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_360r:*:*:*:*:*:*:*:*", matchCriteriaId: "0896A267-AE1E-47C1-9C75-67A238727F45", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "7EACDC99-3B80-47D8-8BC4-A21CA0BC234B", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "99238614-0234-4550-84FB-8B1C7B8CE1E6", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "380A5A63-588D-4427-A513-147841B3FB57", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "CF31AD20-099E-4323-AE18-40C52878454A", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "E9707BBB-8095-451D-80C7-BAC923BCB786", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "4D072C1C-FC87-4986-9320-EFD9F58F192C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.", }, ], id: "CVE-2004-1473", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/12635", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/329230", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/10205", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/11237", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/12635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/329230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/10205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/11237", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*", matchCriteriaId: "5081F382-CC20-4C7B-A3F8-08FAF31012D9", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_320:*:*:*:*:*:*:*:*", matchCriteriaId: "391E553B-0A8C-4934-8B7C-DD6C0F9FF1A7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*", matchCriteriaId: "DEDE5E45-0984-4F8B-8FCE-52E0FBA3DEEC", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_360r:*:*:*:*:*:*:*:*", matchCriteriaId: "0896A267-AE1E-47C1-9C75-67A238727F45", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "7EACDC99-3B80-47D8-8BC4-A21CA0BC234B", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "99238614-0234-4550-84FB-8B1C7B8CE1E6", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "380A5A63-588D-4427-A513-147841B3FB57", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "CF31AD20-099E-4323-AE18-40C52878454A", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "E9707BBB-8095-451D-80C7-BAC923BCB786", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*", matchCriteriaId: "4D072C1C-FC87-4986-9320-EFD9F58F192C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.", }, ], id: "CVE-2004-1474", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2004-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/12635", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/173910", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/10206", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/11237", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/12635", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/173910", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/10206", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/11237", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | firewall_vpn_appliance_100 | * | |
| symantec | firewall_vpn_appliance_200 | * | |
| symantec | firewall_vpn_appliance_200r | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*", matchCriteriaId: "5081F382-CC20-4C7B-A3F8-08FAF31012D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.", }, ], id: "CVE-2002-1937", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-12-31T05:00:00.000", references: [ { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html", }, { source: "cve@mitre.org", url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html", }, { source: "cve@mitre.org", url: "http://www.iss.net/security_center/static/10442.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.iss.net/security_center/static/10442.php", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2005-3768
Vulnerability from cvelistv5
Published
2005-11-23 00:00
Modified
2024-08-07 23:24
Severity ?
EPSS score ?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1015247 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/17684 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2005/2517 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015249 | vdb-entry, x_refsource_SECTRACK | |
| http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1015248 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:24:36.178Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1015247", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015247", }, { name: "17684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17684", }, { name: "ADV-2005-2517", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2517", }, { name: "1015249", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015249", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { name: "1015248", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015248", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-11-21T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2009-02-26T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1015247", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015247", }, { name: "17684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17684", }, { name: "ADV-2005-2517", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2517", }, { name: "1015249", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015249", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { name: "1015248", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015248", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-3768", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1015247", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015247", }, { name: "17684", refsource: "SECUNIA", url: "http://secunia.com/advisories/17684", }, { name: "ADV-2005-2517", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2517", }, { name: "1015249", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015249", }, { name: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", refsource: "CONFIRM", url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { name: "1015248", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015248", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-3768", datePublished: "2005-11-23T00:00:00", dateReserved: "2005-11-22T00:00:00", dateUpdated: "2024-08-07T23:24:36.178Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-0190
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15212 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=107694794031839&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/9784 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/4117 | vdb-entry, x_refsource_OSVDB | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html | mailing-list, x_refsource_FULLDISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:10:03.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "symantec-firewallvpn-password-plaintext(15212)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212", }, { name: "20040216 Symantec FireWall/VPN Appliance model 200 leak of security", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=107694794031839&w=2", }, { name: "9784", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/9784", }, { name: "4117", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/4117", }, { name: "20040216 Symantec FireWall/VPN Appliance model 200 leak of security", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-02-16T00:00:00", descriptions: [ { lang: "en", value: "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2004-08-18T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "symantec-firewallvpn-password-plaintext(15212)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212", }, { name: "20040216 Symantec FireWall/VPN Appliance model 200 leak of security", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=107694794031839&w=2", }, { name: "9784", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/9784", }, { name: "4117", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/4117", }, { name: "20040216 Symantec FireWall/VPN Appliance model 200 leak of security", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-0190", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "symantec-firewallvpn-password-plaintext(15212)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212", }, { name: "20040216 Symantec FireWall/VPN Appliance model 200 leak of security", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=107694794031839&w=2", }, { name: "9784", refsource: "BID", url: "http://www.securityfocus.com/bid/9784", }, { name: "4117", refsource: "OSVDB", url: "http://www.osvdb.org/4117", }, { name: "20040216 Symantec FireWall/VPN Appliance model 200 leak of security", refsource: "FULLDISC", url: "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-0190", datePublished: "2004-09-01T04:00:00", dateReserved: "2004-03-03T00:00:00", dateUpdated: "2024-08-08T00:10:03.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1473
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17470 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/12635 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=109588376426070&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/11237 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/10205 | vdb-entry, x_refsource_OSVDB | |
| http://www.kb.cert.org/vuls/id/329230 | third-party-advisory, x_refsource_CERT-VN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:53:23.948Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "symantec-udp-obtain-info(17470)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470", }, { name: "12635", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/12635", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "11237", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/11237", }, { name: "10205", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/10205", }, { name: "VU#329230", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/329230", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-09-22T00:00:00", descriptions: [ { lang: "en", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "symantec-udp-obtain-info(17470)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470", }, { name: "12635", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/12635", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "11237", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/11237", }, { name: "10205", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/10205", }, { name: "VU#329230", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/329230", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1473", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "symantec-udp-obtain-info(17470)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470", }, { name: "12635", refsource: "SECUNIA", url: "http://secunia.com/advisories/12635", }, { name: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", refsource: "CONFIRM", url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "11237", refsource: "BID", url: "http://www.securityfocus.com/bid/11237", }, { name: "10205", refsource: "OSVDB", url: "http://www.osvdb.org/10205", }, { name: "VU#329230", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/329230", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1473", datePublished: "2005-02-13T05:00:00", dateReserved: "2005-02-13T00:00:00", dateUpdated: "2024-08-08T00:53:23.948Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1474
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/12635 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/173910 | third-party-advisory, x_refsource_CERT-VN | |
| http://marc.info/?l=bugtraq&m=109588376426070&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/10206 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17471 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/11237 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:53:24.010Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "12635", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/12635", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "VU#173910", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/173910", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "10206", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/10206", }, { name: "symantec-default-snmp(17471)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471", }, { name: "11237", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/11237", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-09-22T00:00:00", descriptions: [ { lang: "en", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "12635", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/12635", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "VU#173910", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/173910", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "10206", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/10206", }, { name: "symantec-default-snmp(17471)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471", }, { name: "11237", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/11237", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1474", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "12635", refsource: "SECUNIA", url: "http://secunia.com/advisories/12635", }, { name: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", refsource: "CONFIRM", url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "VU#173910", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/173910", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "10206", refsource: "OSVDB", url: "http://www.osvdb.org/10206", }, { name: "symantec-default-snmp(17471)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471", }, { name: "11237", refsource: "BID", url: "http://www.securityfocus.com/bid/11237", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1474", datePublished: "2005-02-13T05:00:00", dateReserved: "2005-02-13T00:00:00", dateUpdated: "2024-08-08T00:53:24.010Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2004-1472
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/12635 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=109588376426070&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17469 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/441078 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/11237 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/10204 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T00:53:23.927Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "12635", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/12635", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "symantec-firewallvpn-udp-dos(17469)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469", }, { name: "VU#441078", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/441078", }, { name: "11237", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/11237", }, { name: "10204", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/10204", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2004-09-22T00:00:00", descriptions: [ { lang: "en", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "12635", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/12635", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "symantec-firewallvpn-udp-dos(17469)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469", }, { name: "VU#441078", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/441078", }, { name: "11237", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/11237", }, { name: "10204", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/10204", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2004-1472", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "12635", refsource: "SECUNIA", url: "http://secunia.com/advisories/12635", }, { name: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", refsource: "CONFIRM", url: "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", }, { name: "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=109588376426070&w=2", }, { name: "symantec-firewallvpn-udp-dos(17469)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469", }, { name: "VU#441078", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/441078", }, { name: "11237", refsource: "BID", url: "http://www.securityfocus.com/bid/11237", }, { name: "10204", refsource: "OSVDB", url: "http://www.osvdb.org/10204", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2004-1472", datePublished: "2005-02-13T05:00:00", dateReserved: "2005-02-13T00:00:00", dateUpdated: "2024-08-08T00:53:23.927Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2002-1937
Vulnerability from cvelistv5
Published
2005-06-28 04:00
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/10442.php | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T03:43:33.610Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20021022 Re: Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html", }, { name: "firewallvpn-arp-mitm(10442)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "http://www.iss.net/security_center/static/10442.php", }, { name: "20021022 Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-06-28T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20021022 Re: Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html", }, { name: "firewallvpn-arp-mitm(10442)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "http://www.iss.net/security_center/static/10442.php", }, { name: "20021022 Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-1937", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20021022 Re: Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html", }, { name: "firewallvpn-arp-mitm(10442)", refsource: "XF", url: "http://www.iss.net/security_center/static/10442.php", }, { name: "20021022 Sniffing Administrator's Password in Symantec Firewall/VPN Appliance V. 200R", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-1937", datePublished: "2005-06-28T04:00:00Z", dateReserved: "2005-06-28T04:00:00Z", dateUpdated: "2024-09-16T16:38:24.973Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }