CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2006-4562
https://notcve.org/view.php?id=CVE-2006-4562
The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface ** DISCUTIDO ** El servicio proxy DNS en Symantec Gateway Security (SGS) permite a un atacante remoto hacer consultas DNS de su elección a los servidores DNS de terceras personas, mientras se ocultan la dirección IP de origen del atacante. NOTA: otro investigador ha señalado que la configuración por defecto no recibe consultas proxy DNS sobre una interfaz externa. • http://www.securityfocus.com/archive/1/444114/100/100/threaded http://www.securityfocus.com/archive/1/444134/100/100/threaded http://www.securityfocus.com/archive/1/444135/100/100/threaded http://www.securityfocus.com/archive/1/444330/100/0/threaded •
CVSS: 5.0EPSS: 23%CPEs: 11EXPL: 3CVE-2004-1754 – Symantec Enterprise Firewall 7.0/8.0 - DNSD DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2004-1754
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. • https://www.exploit-db.com/exploits/24218 http://lists.virus.org/bugtraq-0406/msg00234.html http://secunia.com/advisories/11888 http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html http://www.securityfocus.com/bid/10557 •