All the vulnerabilites related to symantec - gateway_security_360
cve-2004-1473
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17470 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/12635 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=109588376426070&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/11237 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/10205 | vdb-entry, x_refsource_OSVDB | |
| http://www.kb.cert.org/vuls/id/329230 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:23.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "symantec-udp-obtain-info(17470)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
},
{
"name": "12635",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12635"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"name": "11237",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11237"
},
{
"name": "10205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/10205"
},
{
"name": "VU#329230",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/329230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "symantec-udp-obtain-info(17470)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
},
{
"name": "12635",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12635"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"name": "11237",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11237"
},
{
"name": "10205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/10205"
},
{
"name": "VU#329230",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/329230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "symantec-udp-obtain-info(17470)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
},
{
"name": "12635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12635"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"name": "11237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11237"
},
{
"name": "10205",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/10205"
},
{
"name": "VU#329230",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/329230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1473",
"datePublished": "2005-02-13T05:00:00",
"dateReserved": "2005-02-13T00:00:00",
"dateUpdated": "2024-08-08T00:53:23.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0618
Vulnerability from cvelistv5
Published
2005-03-02 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/14428 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:38:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14428"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0618",
"datePublished": "2005-03-02T05:00:00",
"dateReserved": "2005-03-02T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1474
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/12635 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/173910 | third-party-advisory, x_refsource_CERT-VN | |
| http://marc.info/?l=bugtraq&m=109588376426070&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/10206 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17471 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/11237 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:24.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "12635",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12635"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"name": "VU#173910",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/173910"
},
{
"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"name": "10206",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/10206"
},
{
"name": "symantec-default-snmp(17471)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
},
{
"name": "11237",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "12635",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12635"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"name": "VU#173910",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/173910"
},
{
"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"name": "10206",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/10206"
},
{
"name": "symantec-default-snmp(17471)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
},
{
"name": "11237",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11237"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "12635",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12635"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"name": "VU#173910",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/173910"
},
{
"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"name": "10206",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/10206"
},
{
"name": "symantec-default-snmp(17471)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
},
{
"name": "11237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11237"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1474",
"datePublished": "2005-02-13T05:00:00",
"dateReserved": "2005-02-13T00:00:00",
"dateUpdated": "2024-08-08T00:53:24.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nexland | pro800turbo | * | |
| symantec | firewall_vpn_appliance_200r | * | |
| symantec | gateway_security_360 | * | |
| symantec | gateway_security_460 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nexland:pro800turbo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E82EF14-BA0E-4F60-AC5F-25EAEF6584E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5081F382-CC20-4C7B-A3F8-08FAF31012D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "648415B3-30CB-4712-95C4-ECB81405D75D",
"versionEndIncluding": "857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_460:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB952E4C-BE4C-430E-80D2-711C25B781E8",
"versionEndIncluding": "857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network."
}
],
"id": "CVE-2005-0618",
"lastModified": "2024-11-20T23:55:32.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14428"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5851263-81A6-40AE-8486-E919D5279CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0D3199-365E-4D26-8D23-6492832EF096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5081F382-CC20-4C7B-A3F8-08FAF31012D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "391E553B-0A8C-4934-8B7C-DD6C0F9FF1A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDE5E45-0984-4F8B-8FCE-52E0FBA3DEEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_360r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0896A267-AE1E-47C1-9C75-67A238727F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EACDC99-3B80-47D8-8BC4-A21CA0BC234B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99238614-0234-4550-84FB-8B1C7B8CE1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "380A5A63-588D-4427-A513-147841B3FB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF31AD20-099E-4323-AE18-40C52878454A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9707BBB-8095-451D-80C7-BAC923BCB786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D072C1C-FC87-4986-9320-EFD9F58F192C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
}
],
"id": "CVE-2004-1474",
"lastModified": "2024-11-20T23:50:58.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12635"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/173910"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/10206"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11237"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/173910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/10206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5851263-81A6-40AE-8486-E919D5279CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0D3199-365E-4D26-8D23-6492832EF096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5081F382-CC20-4C7B-A3F8-08FAF31012D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_320:*:*:*:*:*:*:*:*",
"matchCriteriaId": "391E553B-0A8C-4934-8B7C-DD6C0F9FF1A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDE5E45-0984-4F8B-8FCE-52E0FBA3DEEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_360r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0896A267-AE1E-47C1-9C75-67A238727F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EACDC99-3B80-47D8-8BC4-A21CA0BC234B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99238614-0234-4550-84FB-8B1C7B8CE1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "380A5A63-588D-4427-A513-147841B3FB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF31AD20-099E-4323-AE18-40C52878454A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9707BBB-8095-451D-80C7-BAC923BCB786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D072C1C-FC87-4986-9320-EFD9F58F192C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
}
],
"id": "CVE-2004-1473",
"lastModified": "2024-11-20T23:50:58.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12635"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/329230"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/10205"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11237"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/329230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/10205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}