VAR-200304-0054
Vulnerability from variot - Updated: 2023-12-18 12:59The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. When a URL containing a pattern that matches a pattern blocking rule is submitted by a user behind the firewall, that HTTP request will be blocked. The URL rule filtering of the Symantec enterprise firewall lacks proper handling of some codes, and remote attackers can use this vulnerability to bypass security policies and access restricted resources. The HTTP pattern matching function is completed by analyzing the HTTP URL format and comparing the predefined feature database. When the configuration is successful, the request will be blocked and the \'\'403 Forbidden error\'\' message will be returned. However, if the requested URL uses a special encoding (such as escape code, Unicode, UTF-8, etc.), the parsing of the pattern matching will fail, and the attacker successfully bypasses the security rules and accesses the restricted resource
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0054",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 2.4,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "7196"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0106"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin O\u0027Neal\u203b bugtraq@corsaire.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0106",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0106",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6936",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0106",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-026",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6936",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6936"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. When a URL containing a pattern that matches a pattern blocking rule is submitted by a user behind the firewall, that HTTP request will be blocked. The URL rule filtering of the Symantec enterprise firewall lacks proper handling of some codes, and remote attackers can use this vulnerability to bypass security policies and access restricted resources. The HTTP pattern matching function is completed by analyzing the HTTP URL format and comparing the predefined feature database. When the configuration is successful, the request will be blocked and the \\\u0027\\\u0027403 Forbidden error\\\u0027\\\u0027 message will be returned. However, if the requested URL uses a special encoding (such as escape code, Unicode, UTF-8, etc.), the parsing of the pattern matching will fail, and the attacker successfully bypasses the security rules and accesses the restricted resource",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"db": "BID",
"id": "7196"
},
{
"db": "VULHUB",
"id": "VHN-6936"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7196",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2003-0106",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026",
"trust": 0.7
},
{
"db": "NTBUGTRAQ",
"id": "20030326 CORSAIRE SECURITY ADVISORY - SYMANTEC ENTERPRISE FIREWALL (SEF) H TTP URL PATTERN EVASION ISSUE",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20030326 CORSAIRE SECURITY ADVISORY - SYMANTEC ENTERPRISE FIREWALL (SEF) H TTP URL PATTERN EVASION ISSUE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030326 CORSAIRE SECURITY ADVISORY - SYMANTEC ENTERPRISE FIREWALL (SEF) H TTP URL PATTERN EVASION ISSUE",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6936",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6936"
},
{
"db": "BID",
"id": "7196"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"id": "VAR-200304-0054",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6936"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:59:40.543000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "2003032507434754",
"trust": 0.8,
"url": "http://service1.symantec.com/support/ent-gate.nsf/docid/2003032507434754"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0106"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/7196"
},
{
"trust": 2.0,
"url": "http://service1.symantec.com/support/ent-gate.nsf/docid/2003032507434754"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0106"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0106"
},
{
"trust": 0.8,
"url": "http://www.securiteam.com/windowsntfocus/5tp0l1p9fk.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104869513822233\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.corsaire.com/advisories/030224-002.txt"
},
{
"trust": 0.3,
"url": "http://enterprisesecurity.symantec.com/products/products.cfm?productid=47"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104869513822233\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=ntbugtraq\u0026amp;m=104868285106289\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6936"
},
{
"db": "BID",
"id": "7196"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6936"
},
{
"db": "BID",
"id": "7196"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-6936"
},
{
"date": "2003-03-26T00:00:00",
"db": "BID",
"id": "7196"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"date": "2003-04-02T05:00:00",
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"date": "2003-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-6936"
},
{
"date": "2009-07-11T21:06:00",
"db": "BID",
"id": "7196"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000097"
},
{
"date": "2016-10-18T02:29:34.990000",
"db": "NVD",
"id": "CVE-2003-0106"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Enterprise Firewall of URL Vulnerabilities that bypass the filtering function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000097"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "7196"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-026"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…