CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2006-4562
https://notcve.org/view.php?id=CVE-2006-4562
06 Sep 2006 — The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface ** DISCUTIDO ** El servicio proxy DNS en Symantec Gateway Security (SGS) permite a un atacante remoto hacer consultas DNS de su elección a los servidores DNS de terceras personas, mientras se ... • http://www.securityfocus.com/archive/1/444114/100/100/threaded •
CVSS: 9.8EPSS: 4%CPEs: 11EXPL: 0CVE-2005-3768
https://notcve.org/view.php?id=CVE-2005-3768
23 Nov 2005 — Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. • http://secunia.com/advisories/17684 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0817
https://notcve.org/view.php?id=CVE-2005-0817
20 Mar 2005 — Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html •
CVSS: 8.8EPSS: 10%CPEs: 49EXPL: 0CVE-2005-0249
https://notcve.org/view.php?id=CVE-2005-0249
08 Feb 2005 — Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. • http://securitytracker.com/id?1013133 •
CVSS: 9.8EPSS: 8%CPEs: 9EXPL: 0CVE-2004-0369
https://notcve.org/view.php?id=CVE-2004-0369
31 Dec 2004 — Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. • http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html •
CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 3CVE-2004-1754 – Symantec Enterprise Firewall 7.0/8.0 - DNSD DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2004-1754
15 Jun 2004 — The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. • https://www.exploit-db.com/exploits/24218 •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2002-2294
https://notcve.org/view.php?id=CVE-2002-2294
31 Dec 2002 — Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). • http://www.securityfocus.com/bid/6389 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.2EPSS: 1%CPEs: 7EXPL: 0CVE-2002-0538
https://notcve.org/view.php?id=CVE-2002-0538
03 Jul 2002 — FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html •