SNMP: Symantec Firewall Multiple Vulnerabilities
Multiple vulnerabilities exist in the Symantec Enterprise Firewall/VPN Appliance and Symantec Gateway Security products. These products contain firmware flaws that result in improper enforcement of controls on incoming UDP traffic. These vulnerabilities enable an attacker to view and modify the firewall rules and to create a denial-of-service condition. The target system will not exhibit any unusual behavior when the vulnerability is exploited for information disclosure. If these vulnerabilities are exploited to alter the configuration of the vulnerable system, the resulting behavior change depends on the new configuration settings. In the case of the denial-of-service attack, the target system will become unresponsive until restarted.
Extended Description
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
Affected Products
Entrust entrust_libkmp_isakmp_library
References
CVE: CVE-2004-0369
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Entrust
Symantec
7.5