All the vulnerabilites related to nexland - pro800turbo
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nexland | pro800turbo | * | |
| symantec | firewall_vpn_appliance_200r | * | |
| symantec | gateway_security_360 | * | |
| symantec | gateway_security_460 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nexland:pro800turbo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E82EF14-BA0E-4F60-AC5F-25EAEF6584E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5081F382-CC20-4C7B-A3F8-08FAF31012D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "648415B3-30CB-4712-95C4-ECB81405D75D",
"versionEndIncluding": "857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_460:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB952E4C-BE4C-430E-80D2-711C25B781E8",
"versionEndIncluding": "857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network."
}
],
"id": "CVE-2005-0618",
"lastModified": "2024-11-20T23:55:32.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14428"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2005-0618
Vulnerability from cvelistv5
Published
2005-03-02 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/14428 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:38:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14428"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0618",
"datePublished": "2005-03-02T05:00:00",
"dateReserved": "2005-03-02T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-200505-0030
Vulnerability from variot
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network. Symantec Gateway Security is reported prone to a vulnerability that may result in the leakage of potentially sensitive SMTP data. It is reported that this issue manifests when an affected appliance is configured to load-balance two WAN network connections and SMTP binding is configured for a single WAN interface. This may result in SMTP data leakage in deployments where one WAN interface is trusted and the other is not. SMTP traffic bound to the trusted WAN interface is load-balanced onto the untrusted WAN.
Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS
Request Trial: https://ca.secunia.com/?f=l
TITLE: Symantec Firewall Devices SMTP Binding Configuration Bypass
SECUNIA ADVISORY ID: SA14428
VERIFY ADVISORY: http://secunia.com/advisories/14428/
CRITICAL: Less critical
IMPACT: Exposure of sensitive information
WHERE:
From remote
OPERATING SYSTEM: Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Nexland Firewall Appliances 1.x http://secunia.com/product/4466/
DESCRIPTION: Arthur Hagen has reported a security issue in various Symantec firewall devices, which may disclose sensitive information to malicious people.
The problem is caused due to an error in the SMTP binding functionality of certain devices with ISP load-balancing capabilities.
The security issue has been reported in the following versions: * Symantec Firewall/VPN Appliance 200/200R (firmware builds prior to build 1.68 and later than 1.5Z) * Symantec Gateway Security 360/360R (firmware builds prior to build 858) * Symantec Gateway Security 460/460R (firmware builds prior to build 858) * Nexland Pro800turbo (firmware builds prior to build 1.6X and later than 1.5Z)
SOLUTION: The vendor has issued updated firmware releases. http://www.symantec.com/techsupp
Symantec Firewall/VPN Appliance models 200 and 200R: Update to build 1.68.
Symantec Gateway Security Appliance 300 and 400 series: Update to build 858.
Nexland Pro800turbo: Update to build 1.6X.
PROVIDED AND/OR DISCOVERED BY: Arthur Hagen
ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0030",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firewall vpn appliance 200r",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "gateway security 360",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "857"
},
{
"model": "gateway security 460",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "857"
},
{
"model": "pro800turbo",
"scope": "eq",
"trust": 1.0,
"vendor": "nexland",
"version": "*"
},
{
"model": "pro800turbo",
"scope": null,
"trust": 0.6,
"vendor": "nexland",
"version": null
},
{
"model": "nexland pro800turbo firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 460r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "460"
},
{
"model": "gateway security 360r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "360"
},
{
"model": "firewall/vpn appliance 200r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "200"
},
{
"model": "velociraptor",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.5"
},
{
"model": "nexland wavebase firewall appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro800 firewall appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro400 firewall appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro100 firewall appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland isb soho firewall appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "gateway security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "53001.0"
},
{
"model": "gateway security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4200"
},
{
"model": "gateway security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "320"
},
{
"model": "firewall/vpn appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "100"
},
{
"model": "enterprise firewall solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "enterprise firewall nt/2000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "enterprise firewall solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "12654"
},
{
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security_460:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "857",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nexland:pro800turbo:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "857",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0618"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this vulnerability is credited to Arthur Hagen of Broomstick Net Services.",
"sources": [
{
"db": "BID",
"id": "12654"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0618",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-11827",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0618",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-369",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-11827",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11827"
},
{
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network. Symantec Gateway Security is reported prone to a vulnerability that may result in the leakage of potentially sensitive SMTP data. \nIt is reported that this issue manifests when an affected appliance is configured to load-balance two WAN network connections and SMTP binding is configured for a single WAN interface. \nThis may result in SMTP data leakage in deployments where one WAN interface is trusted and the other is not. SMTP traffic bound to the trusted WAN interface is load-balanced onto the untrusted WAN. \n----------------------------------------------------------------------\n\nMonitor, Filter, and Manage Security Information\n- Filtering and Management of Secunia advisories\n- Overview, documentation, and detailed reports\n- Alerting via email and SMS\n\nRequest Trial:\nhttps://ca.secunia.com/?f=l\n\n----------------------------------------------------------------------\n\nTITLE:\nSymantec Firewall Devices SMTP Binding Configuration Bypass\n\nSECUNIA ADVISORY ID:\nSA14428\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/14428/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nExposure of sensitive information\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Firewall/VPN Appliance 100/200/200R\nhttp://secunia.com/product/552/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\nSymantec Nexland Firewall Appliances 1.x\nhttp://secunia.com/product/4466/\n\nDESCRIPTION:\nArthur Hagen has reported a security issue in various Symantec\nfirewall devices, which may disclose sensitive information to\nmalicious people. \n\nThe problem is caused due to an error in the SMTP binding\nfunctionality of certain devices with ISP load-balancing\ncapabilities. \n\nThe security issue has been reported in the following versions:\n* Symantec Firewall/VPN Appliance 200/200R (firmware builds prior to\nbuild 1.68 and later than 1.5Z)\n* Symantec Gateway Security 360/360R (firmware builds prior to build\n858)\n* Symantec Gateway Security 460/460R (firmware builds prior to build\n858)\n* Nexland Pro800turbo (firmware builds prior to build 1.6X and later\nthan 1.5Z)\n\nSOLUTION:\nThe vendor has issued updated firmware releases. \nhttp://www.symantec.com/techsupp\n\nSymantec Firewall/VPN Appliance models 200 and 200R:\nUpdate to build 1.68. \n\nSymantec Gateway Security Appliance 300 and 400 series:\nUpdate to build 858. \n\nNexland Pro800turbo:\nUpdate to build 1.6X. \n\nPROVIDED AND/OR DISCOVERED BY:\nArthur Hagen\n\nORIGINAL ADVISORY:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"db": "BID",
"id": "12654"
},
{
"db": "VULHUB",
"id": "VHN-11827"
},
{
"db": "PACKETSTORM",
"id": "36389"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0618",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14428",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369",
"trust": 0.7
},
{
"db": "BID",
"id": "12654",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-11827",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36389",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11827"
},
{
"db": "BID",
"id": "12654"
},
{
"db": "PACKETSTORM",
"id": "36389"
},
{
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"id": "VAR-200505-0030",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11827"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:26:02.879000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0618"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.02.28.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/14428"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3104/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4466/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/552/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14428/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?f=l"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11827"
},
{
"db": "BID",
"id": "12654"
},
{
"db": "PACKETSTORM",
"id": "36389"
},
{
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11827"
},
{
"db": "BID",
"id": "12654"
},
{
"db": "PACKETSTORM",
"id": "36389"
},
{
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-11827"
},
{
"date": "2005-02-28T00:00:00",
"db": "BID",
"id": "12654"
},
{
"date": "2005-03-01T21:36:29",
"db": "PACKETSTORM",
"id": "36389"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-11827"
},
{
"date": "2009-07-12T10:56:00",
"db": "BID",
"id": "12654"
},
{
"date": "2008-09-05T20:46:49.427000",
"db": "NVD",
"id": "CVE-2005-0618"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Gateway Security SMTP Data breach vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-369"
}
],
"trust": 0.6
}
}