cvelistv5 - cve-2004-0369

CVE-2004-0369 (GCVE-0-2004-0369)

Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.auscert.org.au/render.html?it=4339	third-party-advisoryx_refsource_AUSCERT
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://xforce.iss.net/xforce/alerts/id/181	third-party-advisoryx_refsource_ISS
	http://securityresponse.symantec.com/avcenter/sec…	x_refsource_CONFIRM
	http://www.ciac.org/ciac/bulletins/o-206.shtml	third-party-advisorygovernment-resourcex_refsource_CIAC
	http://www.securityfocus.com/bid/11039	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:14.359Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ESB-2004.0538",
            "tags": [
              "third-party-advisory",
              "x_refsource_AUSCERT",
              "x_transferred"
            ],
            "url": "http://www.auscert.org.au/render.html?it=4339"
          },
          {
            "name": "isakmp-spi-size-bo(15669)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
          },
          {
            "name": "20040826 Entrust LibKmp Library Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://xforce.iss.net/xforce/alerts/id/181"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
          },
          {
            "name": "O-206",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
          },
          {
            "name": "11039",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11039"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-08-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ESB-2004.0538",
          "tags": [
            "third-party-advisory",
            "x_refsource_AUSCERT"
          ],
          "url": "http://www.auscert.org.au/render.html?it=4339"
        },
        {
          "name": "isakmp-spi-size-bo(15669)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
        },
        {
          "name": "20040826 Entrust LibKmp Library Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://xforce.iss.net/xforce/alerts/id/181"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
        },
        {
          "name": "O-206",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
        },
        {
          "name": "11039",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11039"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0369",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ESB-2004.0538",
              "refsource": "AUSCERT",
              "url": "http://www.auscert.org.au/render.html?it=4339"
            },
            {
              "name": "isakmp-spi-size-bo(15669)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
            },
            {
              "name": "20040826 Entrust LibKmp Library Buffer Overflow",
              "refsource": "ISS",
              "url": "http://xforce.iss.net/xforce/alerts/id/181"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
            },
            {
              "name": "O-206",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
            },
            {
              "name": "11039",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11039"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0369",
    "datePublished": "2005-04-14T04:00:00",
    "dateReserved": "2004-03-24T00:00:00",
    "dateUpdated": "2024-08-08T00:17:14.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"302E62EC-C81E-4BD5-A8E0-0CC55F34BE17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*\", \"matchCriteriaId\": \"8656778B-9299-436B-AF8A-64C042273751\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*\", \"matchCriteriaId\": \"78A16B88-E49B-4C4C-A82E-03511C99872D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*\", \"matchCriteriaId\": \"30BE919C-A7DF-46C3-BFF6-F0452F0FC434\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*\", \"matchCriteriaId\": \"F66D6BB6-2355-4644-8A18-725F9E970EA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*\", \"matchCriteriaId\": \"AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C260200D-60D2-41E2-8F5C-50796EBBF8E2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EDDB133-A6C8-45B4-9988-3D3D2F3952E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1B7CF42-F93E-48E6-BCD2-30B357F80DDA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.\"}]",
      "id": "CVE-2004-0369",
      "lastModified": "2024-11-20T23:48:26.050",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2004-12-31T05:00:00.000",
      "references": "[{\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.auscert.org.au/render.html?it=4339\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.ciac.org/ciac/bulletins/o-206.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/11039\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/181\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/15669\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.auscert.org.au/render.html?it=4339\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.ciac.org/ciac/bulletins/o-206.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/11039\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://xforce.iss.net/xforce/alerts/id/181\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/15669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-0369\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-12-31T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"302E62EC-C81E-4BD5-A8E0-0CC55F34BE17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*\",\"matchCriteriaId\":\"8656778B-9299-436B-AF8A-64C042273751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*\",\"matchCriteriaId\":\"78A16B88-E49B-4C4C-A82E-03511C99872D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*\",\"matchCriteriaId\":\"30BE919C-A7DF-46C3-BFF6-F0452F0FC434\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*\",\"matchCriteriaId\":\"F66D6BB6-2355-4644-8A18-725F9E970EA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*\",\"matchCriteriaId\":\"AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C260200D-60D2-41E2-8F5C-50796EBBF8E2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EDDB133-A6C8-45B4-9988-3D3D2F3952E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B7CF42-F93E-48E6-BCD2-30B357F80DDA\"}]}]}],\"references\":[{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.auscert.org.au/render.html?it=4339\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/o-206.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/11039\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/181\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15669\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.auscert.org.au/render.html?it=4339\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ciac.org/ciac/bulletins/o-206.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/11039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://xforce.iss.net/xforce/alerts/id/181\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2004-0369

Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html	Vendor Advisory
cve@mitre.org	http://www.auscert.org.au/render.html?it=4339	Vendor Advisory
cve@mitre.org	http://www.ciac.org/ciac/bulletins/o-206.shtml	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/11039
cve@mitre.org	http://xforce.iss.net/xforce/alerts/id/181	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/15669
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.auscert.org.au/render.html?it=4339	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/o-206.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11039
af854a3a-2127-422b-91ae-364da2661108	http://xforce.iss.net/xforce/alerts/id/181	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/15669

Impacted products

Vendor	Product	Version
entrust	entrust_libkmp_isakmp_library	*
symantec	enterprise_firewall	7.0
symantec	enterprise_firewall	7.0.4
symantec	enterprise_firewall	7.0.4
symantec	enterprise_firewall	8.0
symantec	enterprise_firewall	8.0
symantec	velociraptor	1.5
symantec	gateway_security_5300	1.0
symantec	gateway_security_5400	2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "302E62EC-C81E-4BD5-A8E0-0CC55F34BE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "8656778B-9299-436B-AF8A-64C042273751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "78A16B88-E49B-4C4C-A82E-03511C99872D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
              "matchCriteriaId": "30BE919C-A7DF-46C3-BFF6-F0452F0FC434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
              "matchCriteriaId": "AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C260200D-60D2-41E2-8F5C-50796EBBF8E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B7CF42-F93E-48E6-BCD2-30B357F80DDA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
    }
  ],
  "id": "CVE-2004-0369",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.auscert.org.au/render.html?it=4339"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/11039"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/181"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.auscert.org.au/render.html?it=4339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/11039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://xforce.iss.net/xforce/alerts/id/181"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2004-0369

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2004-0369

Aliases

CVE-2004-0369

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-0369",
    "description": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.",
    "id": "GSD-2004-0369"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-0369"
      ],
      "details": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.",
      "id": "GSD-2004-0369",
      "modified": "2023-12-13T01:22:54.579784Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-0369",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ESB-2004.0538",
            "refsource": "AUSCERT",
            "url": "http://www.auscert.org.au/render.html?it=4339"
          },
          {
            "name": "isakmp-spi-size-bo(15669)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
          },
          {
            "name": "20040826 Entrust LibKmp Library Buffer Overflow",
            "refsource": "ISS",
            "url": "http://xforce.iss.net/xforce/alerts/id/181"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
          },
          {
            "name": "O-206",
            "refsource": "CIAC",
            "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
          },
          {
            "name": "11039",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/11039"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0369"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040826 Entrust LibKmp Library Buffer Overflow",
              "refsource": "ISS",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/181"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
            },
            {
              "name": "ESB-2004.0538",
              "refsource": "AUSCERT",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.auscert.org.au/render.html?it=4339"
            },
            {
              "name": "O-206",
              "refsource": "CIAC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
            },
            {
              "name": "11039",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/11039"
            },
            {
              "name": "isakmp-spi-size-bo(15669)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-11T01:30Z",
      "publishedDate": "2004-12-31T05:00Z"
    }
  }
}

GHSA-X4WM-PRRG-M255

Vulnerability from github – Published: 2022-04-29 02:57 – Updated: 2022-04-29 02:57

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-0369"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-12-31T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.",
  "id": "GHSA-x4wm-prrg-m255",
  "modified": "2022-04-29T02:57:36Z",
  "published": "2022-04-29T02:57:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-0369"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
    },
    {
      "type": "WEB",
      "url": "http://www.auscert.org.au/render.html?it=4339"
    },
    {
      "type": "WEB",
      "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/11039"
    },
    {
      "type": "WEB",
      "url": "http://xforce.iss.net/xforce/alerts/id/181"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200412-0107

Vulnerability from variot - Updated: 2023-12-18 12:13

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. The Entrust LibKMP ISAKMP library is reported to be affected by a remote buffer overflow vulnerability. Malicious ISAKMP packets may trigger a buffer overrun in the affected library resulting in the corruption of process memory. Although unconfirmed, it is conjectured that this vulnerability may be related to the vulnerability described in BID 10273, as Checkpoint VPN-1 may use the affected library. The Entrust LibKmp ISAKMP library is used by multiple VPN vendors to exchange IKE keys for IPSEC-based VPN products. libKmp handles all incoming ISAKMP packets, this library is also used to authenticate and check the processing of incoming requests. The Entrust LibKmp ISAKMP library does not correctly verify incoming ISAKMP packets when implementing the IKE key exchange protocol. Entrust\'\'s LibKmp library is provided by the vendor to third parties to handle the exchange of IKE keys. This library is used in several enterprise firewall VPN products. Entrust\'\'s LibKmp library is fully checked for handling ISAKMP payloads and sizes. But the proposal payload embedded in the main SA payload is not properly filtered. The code that handles these loads has a flaw that can lead to memory corruption, a heap overflow. An attacker exploits this vulnerability to send malicious ISAKMP packets, which can cause the VPN component to crash, and carefully constructed and submitted data may execute arbitrary instructions on the system with process privileges. Product: Symantec Gateway Security 2.0 - Model 5400 Series

Hotfix: SG8000-20040715-00 - Entrust updates

This document contains the following information about the Symantec Gateway Security 2.0 - Model 5400 Series:

Prerequisites
Included modules
Fix description
Installation instructions
Uninstallation instructions

Prerequisites:

HB8000-20031023-00 - December 2003 patch SG8000-20040405-00 - April 2004 patch

Included modules:

isakmpd libEntrust.so libkmp.so

Fix description:

Corrects problem with Denial of Service attack reported against isakmpd in CAN-2004-0369.

Installation instructions:

The April 2004 patch must be installed prior to installing this hotfix.

To install the patch

Download the entrust-sgs20.tgz file to a location that is accessible from the Security Gateway Management Interface (SGMI).
In the SGMI, on the Action menu, click HotFix.
In the left pane of the Hotfix Management window, click Install hotfix.
In the right pane of the Hotfix Management window, click Browse.
In the Choose file dialog box, browse to and select the entrust-sgs20.tgz file, and then click Open.
In the right pane of the Hotfix Management window, click Install.
Wait until a message appears in the right pane of the Hotfix Management window. (Note: there is no visible indication of activity.)
If the message includes a "Restart" link, click the link and wait until the "Security gateway is restarting" message appears.
Close the Hotfix Management window.

Uninstallation instructions:

To uninstall the patch

In the SGMI, on the Action menu, click HotFix.
In the left pane of the Hotfix Management window, click Uninstall hotfix.
In the right pane of the Hotfix Management window, click the radio button next to hotfix ID SG8000-20040715-00.
In the right pane of the Hotfix Management window, click Uninstall.
Wait until a message appears in the right pane of the Hotfix Management window. (Note: there is no visible indication of activity.)
If the message includes a "Restart" link, click the link and wait until the "Security gateway is restarting" message appears.
Close the Hotfix Management window.

. Connect to Symantec Gateway Security (SGS) using the SRMC. Connect to the VelociRaptor using the SRMC. Right-click the VelociRaptor icon. Browse to the location of the *.tgz file. Select Open to load the patch. Answer "No" when asked if you want to reboot the system. Connect to the VelociRaptor using the SRMC. Right-click the VelociRaptor. Select All Tasks > SRL Client. Log into the system. Type: cd /usr/vr/hotfixes/SG7004-20040715-00 and press Enter. Type: ./Uninstall and press Enter

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200412-0107",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "symantec",
        "version": "7.0.4"
      },
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "1.5"
      },
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "symantec",
        "version": "7.0"
      },
      {
        "model": "gateway security 5300",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "gateway security 5400",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "libkmp isakmp library",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "entrust",
        "version": "*"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "5440"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "5300"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "52001.0"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "51101.0"
      },
      {
        "model": "gateway security 360r",
        "scope": null,
        "trust": 0.3,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "enterprise firewall solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.0.4"
      },
      {
        "model": "enterprise firewall nt/2000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.0.4"
      },
      {
        "model": "enterprise firewall solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.0"
      },
      {
        "model": "enterprise firewall nt/2000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.0"
      },
      {
        "model": "libkmp isakmp library",
        "scope": null,
        "trust": 0.3,
        "vendor": "entrust",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Mark Dowd\nNeel Mehta",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2004-0369",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": true,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2004-0369",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-8799",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-0369",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200412-576",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-8799",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. The Entrust LibKMP ISAKMP library is reported to be affected by a remote buffer overflow vulnerability.  Malicious ISAKMP packets may trigger a buffer overrun in the affected library resulting in the corruption of process memory. \nAlthough unconfirmed, it is conjectured that this vulnerability may be related to the vulnerability described in BID 10273, as Checkpoint VPN-1 may use the affected library. The Entrust LibKmp ISAKMP library is used by multiple VPN vendors to exchange IKE keys for IPSEC-based VPN products. libKmp handles all incoming ISAKMP packets, this library is also used to authenticate and check the processing of incoming requests. The Entrust LibKmp ISAKMP library does not correctly verify incoming ISAKMP packets when implementing the IKE key exchange protocol. Entrust\\\u0027\\\u0027s LibKmp library is provided by the vendor to third parties to handle the exchange of IKE keys. This library is used in several enterprise firewall VPN products. Entrust\\\u0027\\\u0027s LibKmp library is fully checked for handling ISAKMP payloads and sizes. But the proposal payload embedded in the main SA payload is not properly filtered. The code that handles these loads has a flaw that can lead to memory corruption, a heap overflow. An attacker exploits this vulnerability to send malicious ISAKMP packets, which can cause the VPN component to crash, and carefully constructed and submitted data may execute arbitrary instructions on the system with process privileges. \nProduct: Symantec Gateway Security 2.0 - Model 5400 Series\t\n\nCopyright \\xa9 2004 Symantec Corporation                                   August, 2004\n************************************************************************************\nHotfix: SG8000-20040715-00 - Entrust updates\n\n************************************************************************************\nThis document contains the following information about the Symantec Gateway Security\n2.0 - Model 5400 Series:\n\n* Prerequisites\n* Included modules\n* Fix description\n* Installation instructions\n* Uninstallation instructions\n\n************************************************************************************\nPrerequisites:\n\nHB8000-20031023-00 - December 2003 patch\nSG8000-20040405-00 - April 2004 patch\n\n************************************************************************************\nIncluded modules:\n\nisakmpd\nlibEntrust.so\nlibkmp.so\n \n************************************************************************************\nFix description:\n\nCorrects problem with Denial of Service attack reported against isakmpd in \nCAN-2004-0369. \n\n************************************************************************************\nInstallation instructions:\n\nThe April 2004 patch must be installed prior to installing this hotfix. \n\nTo install the patch\n\n1.  Download the entrust-sgs20.tgz file to a location that is accessible from \n    the Security Gateway Management Interface (SGMI). \n2.  In the SGMI, on the Action menu, click HotFix. \n3.  In the left pane of the Hotfix Management window, click Install hotfix. \n4.  In the right pane of the Hotfix Management window, click Browse. \n5.  In the Choose file dialog box, browse to and select the entrust-sgs20.tgz file,\n    and then click Open. \n6.  In the right pane of the Hotfix Management window, click Install. \n7.  Wait until a message appears in the right pane of the Hotfix Management window. \n    (Note: there is no visible indication of activity.)\n8.  If the message includes a \"Restart\" link, click the link and wait until the\n    \"Security gateway is restarting\" message appears. \n9.  Close the Hotfix Management window. \n\n\n************************************************************************************\nUninstallation instructions:\n\nTo uninstall the patch\n\n1.  In the SGMI, on the Action menu, click HotFix. \n2.  In the left pane of the Hotfix Management window, click Uninstall hotfix. \n3.  In the right pane of the Hotfix Management window, click the radio button next\n    to hotfix ID SG8000-20040715-00. \n4.  In the right pane of the Hotfix Management window, click Uninstall. \n5.  Wait until a message appears in the right pane of the Hotfix Management window. \n    (Note: there is no visible indication of activity.)\n6.  If the message includes a \"Restart\" link, click the link and wait until the\n    \"Security gateway is restarting\" message appears. \n7.  Close the Hotfix Management window. \n\n\n************************************************************************************\n\n.  Connect to Symantec Gateway Security (SGS) using the SRMC.  Connect to the VelociRaptor using the SRMC.  Right-click the VelociRaptor icon.  Browse to the location of the *.tgz file.  Select Open to load the patch.  Answer \"No\" when asked if you want to reboot the system.  Connect to the VelociRaptor using the SRMC.  Right-click the VelociRaptor.  Select All Tasks \u003e SRL Client.  Log into the system.  Type: cd /usr/vr/hotfixes/SG7004-20040715-00 and press Enter.  Type: ./Uninstall and press Enter",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "db": "PACKETSTORM",
        "id": "34156"
      },
      {
        "db": "PACKETSTORM",
        "id": "34155"
      },
      {
        "db": "PACKETSTORM",
        "id": "34154"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2004-0369",
        "trust": 3.1
      },
      {
        "db": "BID",
        "id": "11039",
        "trust": 2.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2004.0538",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "12371",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576",
        "trust": 0.7
      },
      {
        "db": "ISS",
        "id": "20040826 ENTRUST LIBKMP LIBRARY BUFFER OVERFLOW",
        "trust": 0.6
      },
      {
        "db": "CIAC",
        "id": "O-206",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "15669",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "6852",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "34156",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "34155",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "34154",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-8799",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "db": "PACKETSTORM",
        "id": "34156"
      },
      {
        "db": "PACKETSTORM",
        "id": "34155"
      },
      {
        "db": "PACKETSTORM",
        "id": "34154"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "id": "VAR-200412-0107",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8799"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:13:45.018000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SYM04-012",
        "trust": 0.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2004.08.26.html"
      },
      {
        "title": "SYM04-012",
        "trust": 0.8,
        "url": "http://www.symantec.com/region/jp/sarcj/security/content/2004.08.26.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://xforce.iss.net/xforce/alerts/id/181"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/11039"
      },
      {
        "trust": 2.0,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2004.08.26.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.auscert.org.au/render.html?it=4339"
      },
      {
        "trust": 1.7,
        "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0369"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0369"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/12371/"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/15669"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/6852"
      },
      {
        "trust": 0.3,
        "url": "https://www.entrust.com/trustedcare/troubleshooting/bulletins.htm"
      },
      {
        "trust": 0.3,
        "url": "http://enterprisesecurity.symantec.com/products/products.cfm?productid=342\u0026eid=0"
      },
      {
        "trust": 0.3,
        "url": "ftp://ftp.symantec.com/public/updates/entrust-70w-readme.txt"
      },
      {
        "trust": 0.3,
        "url": "ftp://ftp.symantec.com/public/updates/entrust-70s-readme.txt"
      },
      {
        "trust": 0.3,
        "url": "ftp://ftp.symantec.com/public/updates/entrust-704s-readme.txt"
      },
      {
        "trust": 0.3,
        "url": "ftp://ftp.symantec.com/public/updates/entrust-704w-readme.txt"
      },
      {
        "trust": 0.3,
        "url": "http://enterprisesecurity.symantec.com/products/products.cfm?productid=47"
      },
      {
        "trust": 0.3,
        "url": "ftp://ftp.symantec.com/public/updates/entrust-sgs10-readme.txt"
      },
      {
        "trust": 0.3,
        "url": "ftp://ftp.symantec.com/public/updates/entrust-sgs20-readme.txt"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0369"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "db": "PACKETSTORM",
        "id": "34156"
      },
      {
        "db": "PACKETSTORM",
        "id": "34155"
      },
      {
        "db": "PACKETSTORM",
        "id": "34154"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "db": "PACKETSTORM",
        "id": "34156"
      },
      {
        "db": "PACKETSTORM",
        "id": "34155"
      },
      {
        "db": "PACKETSTORM",
        "id": "34154"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "date": "2004-08-25T00:00:00",
        "db": "BID",
        "id": "11039"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "date": "2004-08-26T20:10:18",
        "db": "PACKETSTORM",
        "id": "34156"
      },
      {
        "date": "2004-08-26T20:09:14",
        "db": "PACKETSTORM",
        "id": "34155"
      },
      {
        "date": "2004-08-26T20:07:58",
        "db": "PACKETSTORM",
        "id": "34154"
      },
      {
        "date": "2004-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "date": "2004-08-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8799"
      },
      {
        "date": "2009-07-12T06:17:00",
        "db": "BID",
        "id": "11039"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000340"
      },
      {
        "date": "2017-07-11T01:30:06.557000",
        "db": "NVD",
        "id": "CVE-2004-0369"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Entrust LibKMP ISAKMP Library Remote IPsec/ISAKMP Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Boundary Condition Error",
    "sources": [
      {
        "db": "BID",
        "id": "11039"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-576"
      }
    ],
    "trust": 0.9
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2004-0369 (GCVE-0-2004-0369)

FKIE_CVE-2004-0369

GSD-2004-0369

GHSA-X4WM-PRRG-M255

VAR-200412-0107

Tags

Sightings

Nomenclature