6 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. • http://secunia.com/advisories/17684 http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html http://securitytracker.com/id?1015247 http://securitytracker.com/id?1015248 http://securitytracker.com/id?1015249 http://www.vupen.com/english/advisories/2005/2517 •

CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file. • http://marc.info/?l=bugtraq&m=109588376426070&w=2 http://secunia.com/advisories/12635 http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html http://www.kb.cert.org/vuls/id/173910 http://www.osvdb.org/10206 http://www.securityfocus.com/bid/11237 https://exchange.xforce.ibmcloud.com/vulnerabilities/17471 •

CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. • http://marc.info/?l=bugtraq&m=109588376426070&w=2 http://secunia.com/advisories/12635 http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html http://www.kb.cert.org/vuls/id/329230 http://www.osvdb.org/10205 http://www.securityfocus.com/bid/11237 https://exchange.xforce.ibmcloud.com/vulnerabilities/17470 •

CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface. • http://marc.info/?l=bugtraq&m=109588376426070&w=2 http://secunia.com/advisories/12635 http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html http://www.kb.cert.org/vuls/id/441078 http://www.osvdb.org/10204 http://www.securityfocus.com/bid/11237 https://exchange.xforce.ibmcloud.com/vulnerabilities/17469 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges. Symantec FireWall/VPN Appliance model 200 registra la contraseña de la página de administración en texto claro, que puede ser guardad en caché en el sistema local del administrador o en un proxy, lo que podría permitir a atacantes robar la contraseña y ganar privilegios. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html http://marc.info/?l=bugtraq&m=107694794031839&w=2 http://www.osvdb.org/4117 http://www.securityfocus.com/bid/9784 https://exchange.xforce.ibmcloud.com/vulnerabilities/15212 •