5 results (0.004 seconds)

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface ** DISCUTIDO ** El servicio proxy DNS en Symantec Gateway Security (SGS) permite a un atacante remoto hacer consultas DNS de su elección a los servidores DNS de terceras personas, mientras se ocultan la dirección IP de origen del atacante. NOTA: otro investigador ha señalado que la configuración por defecto no recibe consultas proxy DNS sobre una interfaz externa. • http://www.securityfocus.com/archive/1/444114/100/100/threaded http://www.securityfocus.com/archive/1/444134/100/100/threaded http://www.securityfocus.com/archive/1/444135/100/100/threaded http://www.securityfocus.com/archive/1/444330/100/0/threaded •

CVSS: 5.0EPSS: 23%CPEs: 11EXPL: 3

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. • https://www.exploit-db.com/exploits/24218 http://lists.virus.org/bugtraq-0406/msg00234.html http://secunia.com/advisories/11888 http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html http://www.securityfocus.com/bid/10557 •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 1

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias numéricas iniciales (ISN) fácilmente predecibles, lo que permitiría a atacantes remotos falsear conexiones. • https://www.exploit-db.com/exploits/19522 http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html http://www.osvdb.org/855 http://www.securityfocus.com/bid/5387 http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html https://exchange.xforce.ibmcloud.com/vulnerabilities/12836 •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0

Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). • http://www.securityfocus.com/bid/6389 http://www.symantec.com/avcenter/security/Content/2002.12.12.html https://exchange.xforce.ibmcloud.com/vulnerabilities/10862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. El componente de proxy web en Symantec Enterprise Firewall (SEF) 6.5.2 a 7.0, Raptor Firewall 6.5 y 6.5.3, VelociRaptor, y Symantec Gateway Security permite a atacantes remotos causar una denegación de servicio (agotamiento de recursos de conexiones) mediante múltiples peticiones de conexión a dominios cuyo servidor DNS no responda o no exista, lo que genera una larga espera. • http://marc.info/?l=bugtraq&m=103463869503124&w=2 http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html http://www.iss.net/security_center/static/10364.php http://www.securityfocus.com/bid/5958 •