Search

Find a vulnerability

Search criteria

    30 vulnerabilities found for enterprise_firewall by symantec

    CVE-2002-2294 (GCVE-0-2002-2294)

    Vulnerability from cvelistv5 – Published: 2007-10-18 10:00 – Updated: 2024-08-08 03:59
    VLAI
    Summary
    Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-12-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:59:11.399Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
              },
              {
                "name": "sef-realaudio-proxy-bo(10862)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
              },
              {
                "name": "6389",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6389"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-12-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
            },
            {
              "name": "sef-realaudio-proxy-bo(10862)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
            },
            {
              "name": "6389",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6389"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-2294",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
                },
                {
                  "name": "sef-realaudio-proxy-bo(10862)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
                },
                {
                  "name": "6389",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6389"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-2294",
        "datePublished": "2007-10-18T10:00:00.000Z",
        "dateReserved": "2007-10-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:59:11.399Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4422 (GCVE-0-2007-4422)

    Vulnerability from cvelistv5 – Published: 2007-08-18 21:00 – Updated: 2024-08-07 14:53
    VLAI
    Summary
    The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/26511 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1018578 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/25338 vdb-entryx_refsource_BID
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://www.osvdb.org/36489 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2909 vdb-entryx_refsource_VUPEN
    Date Public
    2007-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:53:55.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26511",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26511"
              },
              {
                "name": "1018578",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018578"
              },
              {
                "name": "25338",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25338"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
              },
              {
                "name": "36489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36489"
              },
              {
                "name": "sef-username-enumeration(36081)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
              },
              {
                "name": "ADV-2007-2909",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2909"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26511",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26511"
            },
            {
              "name": "1018578",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018578"
            },
            {
              "name": "25338",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25338"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
            },
            {
              "name": "36489",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36489"
            },
            {
              "name": "sef-username-enumeration(36081)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
            },
            {
              "name": "ADV-2007-2909",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2909"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4422",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26511",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26511"
                },
                {
                  "name": "1018578",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018578"
                },
                {
                  "name": "25338",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25338"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
                },
                {
                  "name": "36489",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36489"
                },
                {
                  "name": "sef-username-enumeration(36081)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
                },
                {
                  "name": "ADV-2007-2909",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2909"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4422",
        "datePublished": "2007-08-18T21:00:00.000Z",
        "dateReserved": "2007-08-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:53:55.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2341 (GCVE-0-2006-2341)

    Vulnerability from cvelistv5 – Published: 2006-05-12 01:00 – Updated: 2024-08-07 17:43
    VLAI
    Summary
    The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/17936 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/1764 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016057 vdb-entryx_refsource_SECTRACK
    http://securitytracker.com/id?1016058 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/20082 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/433876/30/… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-05-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:43:29.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
              },
              {
                "name": "symantec-firewall-proxy-ip-disclosure(26370)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
              },
              {
                "name": "17936",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17936"
              },
              {
                "name": "ADV-2006-1764",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1764"
              },
              {
                "name": "1016057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016057"
              },
              {
                "name": "1016058",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016058"
              },
              {
                "name": "20082",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20082"
              },
              {
                "name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
            },
            {
              "name": "symantec-firewall-proxy-ip-disclosure(26370)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
            },
            {
              "name": "17936",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17936"
            },
            {
              "name": "ADV-2006-1764",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1764"
            },
            {
              "name": "1016057",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016057"
            },
            {
              "name": "1016058",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016058"
            },
            {
              "name": "20082",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20082"
            },
            {
              "name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2341",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
                },
                {
                  "name": "symantec-firewall-proxy-ip-disclosure(26370)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
                },
                {
                  "name": "17936",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17936"
                },
                {
                  "name": "ADV-2006-1764",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1764"
                },
                {
                  "name": "1016057",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016057"
                },
                {
                  "name": "1016058",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016058"
                },
                {
                  "name": "20082",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20082"
                },
                {
                  "name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2341",
        "datePublished": "2006-05-12T01:00:00.000Z",
        "dateReserved": "2006-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:43:29.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3768 (GCVE-0-2005-3768)

    Vulnerability from cvelistv5 – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015247 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17684 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2517 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015249 vdb-entryx_refsource_SECTRACK
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://securitytracker.com/id?1015248 vdb-entryx_refsource_SECTRACK
    Date Public
    2005-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.178Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015247"
              },
              {
                "name": "17684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17684"
              },
              {
                "name": "ADV-2005-2517",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2517"
              },
              {
                "name": "1015249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015249"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
              },
              {
                "name": "1015248",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015248"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015247",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015247"
            },
            {
              "name": "17684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17684"
            },
            {
              "name": "ADV-2005-2517",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2517"
            },
            {
              "name": "1015249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015249"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
            },
            {
              "name": "1015248",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015248"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3768",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015247",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015247"
                },
                {
                  "name": "17684",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17684"
                },
                {
                  "name": "ADV-2005-2517",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2517"
                },
                {
                  "name": "1015249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015249"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
                },
                {
                  "name": "1015248",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015248"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3768",
        "datePublished": "2005-11-23T00:00:00.000Z",
        "dateReserved": "2005-11-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0369 (GCVE-0-2004-0369)

    Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.auscert.org.au/render.html?it=4339 third-party-advisoryx_refsource_AUSCERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://xforce.iss.net/xforce/alerts/id/181 third-party-advisoryx_refsource_ISS
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.ciac.org/ciac/bulletins/o-206.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.securityfocus.com/bid/11039 vdb-entryx_refsource_BID
    Date Public
    2004-08-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.359Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ESB-2004.0538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_AUSCERT",
                  "x_transferred"
                ],
                "url": "http://www.auscert.org.au/render.html?it=4339"
              },
              {
                "name": "isakmp-spi-size-bo(15669)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
              },
              {
                "name": "20040826 Entrust LibKmp Library Buffer Overflow",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/181"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
              },
              {
                "name": "O-206",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
              },
              {
                "name": "11039",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11039"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-08-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ESB-2004.0538",
              "tags": [
                "third-party-advisory",
                "x_refsource_AUSCERT"
              ],
              "url": "http://www.auscert.org.au/render.html?it=4339"
            },
            {
              "name": "isakmp-spi-size-bo(15669)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
            },
            {
              "name": "20040826 Entrust LibKmp Library Buffer Overflow",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/181"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
            },
            {
              "name": "O-206",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
            },
            {
              "name": "11039",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11039"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0369",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ESB-2004.0538",
                  "refsource": "AUSCERT",
                  "url": "http://www.auscert.org.au/render.html?it=4339"
                },
                {
                  "name": "isakmp-spi-size-bo(15669)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
                },
                {
                  "name": "20040826 Entrust LibKmp Library Buffer Overflow",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/181"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
                },
                {
                  "name": "O-206",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
                },
                {
                  "name": "11039",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11039"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0369",
        "datePublished": "2005-04-14T04:00:00.000Z",
        "dateReserved": "2004-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0817 (GCVE-0-2005-0817)

    Vulnerability from cvelistv5 – Published: 2005-03-20 05:00 – Updated: 2024-08-07 21:28
    VLAI
    Summary
    Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2005-03-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:28:28.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "sef-dns-spoofing(16423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
              },
              {
                "name": "symantec-dnsdproxy-redirect(44530)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
              },
              {
                "name": "1013451",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1013451"
              },
              {
                "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
              },
              {
                "name": "14595",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14595"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-03-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "sef-dns-spoofing(16423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
            },
            {
              "name": "symantec-dnsdproxy-redirect(44530)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
            },
            {
              "name": "1013451",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1013451"
            },
            {
              "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
            },
            {
              "name": "14595",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14595"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0817",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "sef-dns-spoofing(16423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
                },
                {
                  "name": "http://www.isc.sans.org/diary.php?date=2005-03-04",
                  "refsource": "MISC",
                  "url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
                },
                {
                  "name": "symantec-dnsdproxy-redirect(44530)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
                },
                {
                  "name": "1013451",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1013451"
                },
                {
                  "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
                },
                {
                  "name": "14595",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14595"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0817",
        "datePublished": "2005-03-20T05:00:00.000Z",
        "dateReserved": "2005-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:28:28.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1754 (GCVE-0-2004-1754)

    Vulnerability from cvelistv5 – Published: 2005-03-09 05:00 – Updated: 2024-08-08 01:00
    VLAI
    Summary
    The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.virus.org/bugtraq-0406/msg00234.html mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/10557 vdb-entryx_refsource_BID
    http://secunia.com/advisories/11888 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    Date Public
    2004-06-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:00:37.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
              },
              {
                "name": "10557",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10557"
              },
              {
                "name": "11888",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11888"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-06-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-15T16:39:05.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
            },
            {
              "name": "10557",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10557"
            },
            {
              "name": "11888",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11888"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1754",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
                },
                {
                  "name": "10557",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10557"
                },
                {
                  "name": "11888",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11888"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1754",
        "datePublished": "2005-03-09T05:00:00.000Z",
        "dateReserved": "2005-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:00:37.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1029 (GCVE-0-2004-1029)

    Vulnerability from cvelistv5 – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    http://jouko.iki.fi/adv/javaplugin.html x_refsource_MISC
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://rpmfind.net/linux/RPM/suse/updates/9.3/i38… x_refsource_CONFIRM
    http://secunia.com/advisories/13271 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/29035 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/61 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/12317 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2008/0599 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.kb.cert.org/vuls/id/760344 third-party-advisoryx_refsource_CERT-VN
    http://www-1.ibm.com/support/docview.wss?uid=swg2… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.544Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jouko.iki.fi/adv/javaplugin.html"
              },
              {
                "name": "oval:org.mitre.oval:def:5674",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
              },
              {
                "name": "APPLE-SA-2005-02-22",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
              },
              {
                "name": "13271",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13271"
              },
              {
                "name": "29035",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29035"
              },
              {
                "name": "61",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/61"
              },
              {
                "name": "12317",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/12317"
              },
              {
                "name": "ADV-2008-0599",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0599"
              },
              {
                "name": "sdk-jre-applet-restriction-bypass(18188)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
              },
              {
                "name": "101523",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
              },
              {
                "name": "VU#760344",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/760344"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
              },
              {
                "name": "57591",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jouko.iki.fi/adv/javaplugin.html"
            },
            {
              "name": "oval:org.mitre.oval:def:5674",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
            },
            {
              "name": "APPLE-SA-2005-02-22",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
            },
            {
              "name": "13271",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13271"
            },
            {
              "name": "29035",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29035"
            },
            {
              "name": "61",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/61"
            },
            {
              "name": "12317",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/12317"
            },
            {
              "name": "ADV-2008-0599",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0599"
            },
            {
              "name": "sdk-jre-applet-restriction-bypass(18188)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
            },
            {
              "name": "101523",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
            },
            {
              "name": "VU#760344",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/760344"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
            },
            {
              "name": "57591",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1029",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
                },
                {
                  "name": "http://jouko.iki.fi/adv/javaplugin.html",
                  "refsource": "MISC",
                  "url": "http://jouko.iki.fi/adv/javaplugin.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:5674",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
                },
                {
                  "name": "APPLE-SA-2005-02-22",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
                },
                {
                  "name": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html",
                  "refsource": "CONFIRM",
                  "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
                },
                {
                  "name": "13271",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13271"
                },
                {
                  "name": "29035",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29035"
                },
                {
                  "name": "61",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/61"
                },
                {
                  "name": "12317",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/12317"
                },
                {
                  "name": "ADV-2008-0599",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0599"
                },
                {
                  "name": "sdk-jre-applet-restriction-bypass(18188)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
                },
                {
                  "name": "101523",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
                },
                {
                  "name": "VU#760344",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/760344"
                },
                {
                  "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
                },
                {
                  "name": "57591",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1029",
        "datePublished": "2004-11-24T05:00:00.000Z",
        "dateReserved": "2004-11-12T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0990 (GCVE-0-2002-0990)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:12
    VLAI
    Summary
    The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:12:16.897Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "simple-webserver-url-dos(10364)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10364.php"
              },
              {
                "name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
              },
              {
                "name": "5958",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5958"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "simple-webserver-url-dos(10364)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10364.php"
            },
            {
              "name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
            },
            {
              "name": "5958",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5958"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0990",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "simple-webserver-url-dos(10364)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10364.php"
                },
                {
                  "name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
                },
                {
                  "name": "5958",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5958"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0990",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:12:16.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1463 (GCVE-0-2002-1463)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
    VLAI
    Summary
    Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:26:28.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
              },
              {
                "name": "5387",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5387"
              },
              {
                "name": "symantec-tcp-seq-predict(12836)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
              },
              {
                "name": "855",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/855"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-18T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
            },
            {
              "name": "5387",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5387"
            },
            {
              "name": "symantec-tcp-seq-predict(12836)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
            },
            {
              "name": "855",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/855"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1463",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
                },
                {
                  "name": "5387",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5387"
                },
                {
                  "name": "symantec-tcp-seq-predict(12836)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
                },
                {
                  "name": "855",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/855"
                },
                {
                  "name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1463",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2003-02-05T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:26:28.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0302 (GCVE-0-2002-0302)

    Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
    VLAI
    Summary
    The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-02-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:42:28.998Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4139",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4139"
              },
              {
                "name": "sef-snmp-notify-loss(8253)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
              },
              {
                "name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-02-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4139",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4139"
            },
            {
              "name": "sef-snmp-notify-loss(8253)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
            },
            {
              "name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0302",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4139",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4139"
                },
                {
                  "name": "sef-snmp-notify-loss(8253)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
                },
                {
                  "name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0302",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:42:28.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0538 (GCVE-0-2002-0538)

    Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
    VLAI
    Summary
    FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-04-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:49:28.883Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4522",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4522"
              },
              {
                "name": "20020415 Raptor Firewall FTP Bounce vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
              },
              {
                "name": "raptor-firewall-ftp-bounce(8847)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8847.php"
              },
              {
                "name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-04-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-06-15T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4522",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4522"
            },
            {
              "name": "20020415 Raptor Firewall FTP Bounce vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
            },
            {
              "name": "raptor-firewall-ftp-bounce(8847)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8847.php"
            },
            {
              "name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0538",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4522",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4522"
                },
                {
                  "name": "20020415 Raptor Firewall FTP Bounce vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
                },
                {
                  "name": "raptor-firewall-ftp-bounce(8847)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8847.php"
                },
                {
                  "name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0538",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:49:28.883Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0309 (GCVE-0-2002-0309)

    Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
    VLAI
    Summary
    SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-02-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:42:29.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101424307617060\u0026w=2"
              },
              {
                "name": "sef-smtp-proxy-information(8251)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8251.php"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html"
              },
              {
                "name": "20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101430810813853\u0026w=2"
              },
              {
                "name": "4141",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4141"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-02-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall\u0027s physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101424307617060\u0026w=2"
            },
            {
              "name": "sef-smtp-proxy-information(8251)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8251.php"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html"
            },
            {
              "name": "20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101430810813853\u0026w=2"
            },
            {
              "name": "4141",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4141"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0309",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall\u0027s physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101424307617060\u0026w=2"
                },
                {
                  "name": "sef-smtp-proxy-information(8251)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8251.php"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html"
                },
                {
                  "name": "20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101430810813853\u0026w=2"
                },
                {
                  "name": "4141",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4141"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0309",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:42:29.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0106 (GCVE-0-2003-0106)

    Vulnerability from cvelistv5 – Published: 2003-03-27 05:00 – Updated: 2024-08-08 01:43
    VLAI
    Summary
    The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2003-03-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:43:35.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
              },
              {
                "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
              },
              {
                "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754"
              },
              {
                "name": "7196",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/7196"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-03-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
            },
            {
              "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
            },
            {
              "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754"
            },
            {
              "name": "7196",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/7196"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0106",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
                },
                {
                  "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
                },
                {
                  "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
                },
                {
                  "name": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754",
                  "refsource": "CONFIRM",
                  "url": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754"
                },
                {
                  "name": "7196",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/7196"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0106",
        "datePublished": "2003-03-27T05:00:00.000Z",
        "dateReserved": "2003-02-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:43:35.881Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1535 (GCVE-0-2002-1535)

    Vulnerability from cvelistv5 – Published: 2003-03-18 05:00 – Updated: 2024-08-08 03:26
    VLAI
    Summary
    Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:26:28.914Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5959",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5959"
              },
              {
                "name": "simple-webserver-topology-disclosure(10363)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10363.php"
              },
              {
                "name": "20021014 Symantec Enterprise Firewall Secure Webserver info leak",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-16T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5959",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5959"
            },
            {
              "name": "simple-webserver-topology-disclosure(10363)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10363.php"
            },
            {
              "name": "20021014 Symantec Enterprise Firewall Secure Webserver info leak",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1535",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5959",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5959"
                },
                {
                  "name": "simple-webserver-topology-disclosure(10363)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10363.php"
                },
                {
                  "name": "20021014 Symantec Enterprise Firewall Secure Webserver info leak",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1535",
        "datePublished": "2003-03-18T05:00:00.000Z",
        "dateReserved": "2003-02-23T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:26:28.914Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4422 (GCVE-0-2007-4422)

    Vulnerability from nvd – Published: 2007-08-18 21:00 – Updated: 2024-08-07 14:53
    VLAI
    Summary
    The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/26511 third-party-advisoryx_refsource_SECUNIA
    http://www.securitytracker.com/id?1018578 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/25338 vdb-entryx_refsource_BID
    http://www.symantec.com/avcenter/security/Content… x_refsource_CONFIRM
    http://www.osvdb.org/36489 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2909 vdb-entryx_refsource_VUPEN
    Date Public
    2007-08-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:53:55.981Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26511",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26511"
              },
              {
                "name": "1018578",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018578"
              },
              {
                "name": "25338",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25338"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
              },
              {
                "name": "36489",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36489"
              },
              {
                "name": "sef-username-enumeration(36081)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
              },
              {
                "name": "ADV-2007-2909",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2909"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26511",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26511"
            },
            {
              "name": "1018578",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018578"
            },
            {
              "name": "25338",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25338"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
            },
            {
              "name": "36489",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36489"
            },
            {
              "name": "sef-username-enumeration(36081)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
            },
            {
              "name": "ADV-2007-2909",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2909"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4422",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26511",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26511"
                },
                {
                  "name": "1018578",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018578"
                },
                {
                  "name": "25338",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25338"
                },
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
                },
                {
                  "name": "36489",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36489"
                },
                {
                  "name": "sef-username-enumeration(36081)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
                },
                {
                  "name": "ADV-2007-2909",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2909"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4422",
        "datePublished": "2007-08-18T21:00:00.000Z",
        "dateReserved": "2007-08-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:53:55.981Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2341 (GCVE-0-2006-2341)

    Vulnerability from nvd – Published: 2006-05-12 01:00 – Updated: 2024-08-07 17:43
    VLAI
    Summary
    The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/17936 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/1764 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016057 vdb-entryx_refsource_SECTRACK
    http://securitytracker.com/id?1016058 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/20082 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/433876/30/… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-05-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:43:29.239Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
              },
              {
                "name": "symantec-firewall-proxy-ip-disclosure(26370)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
              },
              {
                "name": "17936",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17936"
              },
              {
                "name": "ADV-2006-1764",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1764"
              },
              {
                "name": "1016057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016057"
              },
              {
                "name": "1016058",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016058"
              },
              {
                "name": "20082",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20082"
              },
              {
                "name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
            },
            {
              "name": "symantec-firewall-proxy-ip-disclosure(26370)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
            },
            {
              "name": "17936",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17936"
            },
            {
              "name": "ADV-2006-1764",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1764"
            },
            {
              "name": "1016057",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016057"
            },
            {
              "name": "1016058",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016058"
            },
            {
              "name": "20082",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20082"
            },
            {
              "name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2341",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
                },
                {
                  "name": "symantec-firewall-proxy-ip-disclosure(26370)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
                },
                {
                  "name": "17936",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17936"
                },
                {
                  "name": "ADV-2006-1764",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1764"
                },
                {
                  "name": "1016057",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016057"
                },
                {
                  "name": "1016058",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016058"
                },
                {
                  "name": "20082",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20082"
                },
                {
                  "name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2341",
        "datePublished": "2006-05-12T01:00:00.000Z",
        "dateReserved": "2006-05-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:43:29.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3768 (GCVE-0-2005-3768)

    Vulnerability from nvd – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015247 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17684 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2517 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015249 vdb-entryx_refsource_SECTRACK
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://securitytracker.com/id?1015248 vdb-entryx_refsource_SECTRACK
    Date Public
    2005-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.178Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015247"
              },
              {
                "name": "17684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17684"
              },
              {
                "name": "ADV-2005-2517",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2517"
              },
              {
                "name": "1015249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015249"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
              },
              {
                "name": "1015248",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015248"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015247",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015247"
            },
            {
              "name": "17684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17684"
            },
            {
              "name": "ADV-2005-2517",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2517"
            },
            {
              "name": "1015249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015249"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
            },
            {
              "name": "1015248",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015248"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3768",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015247",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015247"
                },
                {
                  "name": "17684",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17684"
                },
                {
                  "name": "ADV-2005-2517",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2517"
                },
                {
                  "name": "1015249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015249"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
                },
                {
                  "name": "1015248",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015248"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3768",
        "datePublished": "2005-11-23T00:00:00.000Z",
        "dateReserved": "2005-11-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0817 (GCVE-0-2005-0817)

    Vulnerability from nvd – Published: 2005-03-20 05:00 – Updated: 2024-08-07 21:28
    VLAI
    Summary
    Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2005-03-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:28:28.821Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "sef-dns-spoofing(16423)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
              },
              {
                "name": "symantec-dnsdproxy-redirect(44530)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
              },
              {
                "name": "1013451",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1013451"
              },
              {
                "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
              },
              {
                "name": "14595",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14595"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-03-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "sef-dns-spoofing(16423)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
            },
            {
              "name": "symantec-dnsdproxy-redirect(44530)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
            },
            {
              "name": "1013451",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1013451"
            },
            {
              "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
            },
            {
              "name": "14595",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14595"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-0817",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "sef-dns-spoofing(16423)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
                },
                {
                  "name": "http://www.isc.sans.org/diary.php?date=2005-03-04",
                  "refsource": "MISC",
                  "url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
                },
                {
                  "name": "symantec-dnsdproxy-redirect(44530)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
                },
                {
                  "name": "1013451",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1013451"
                },
                {
                  "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
                },
                {
                  "name": "14595",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14595"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-0817",
        "datePublished": "2005-03-20T05:00:00.000Z",
        "dateReserved": "2005-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:28:28.821Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1029 (GCVE-0-2004-1029)

    Vulnerability from nvd – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
    VLAI
    Summary
    The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    http://jouko.iki.fi/adv/javaplugin.html x_refsource_MISC
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://lists.apple.com/archives/security-announce… vendor-advisoryx_refsource_APPLE
    http://rpmfind.net/linux/RPM/suse/updates/9.3/i38… x_refsource_CONFIRM
    http://secunia.com/advisories/13271 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/29035 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/61 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/12317 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2008/0599 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    http://www.kb.cert.org/vuls/id/760344 third-party-advisoryx_refsource_CERT-VN
    http://www-1.ibm.com/support/docview.wss?uid=swg2… x_refsource_CONFIRM
    http://sunsolve.sun.com/search/document.do?assetk… vendor-advisoryx_refsource_SUNALERT
    Date Public
    2004-11-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:39:00.544Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jouko.iki.fi/adv/javaplugin.html"
              },
              {
                "name": "oval:org.mitre.oval:def:5674",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
              },
              {
                "name": "APPLE-SA-2005-02-22",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_APPLE",
                  "x_transferred"
                ],
                "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
              },
              {
                "name": "13271",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13271"
              },
              {
                "name": "29035",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/29035"
              },
              {
                "name": "61",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/61"
              },
              {
                "name": "12317",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/12317"
              },
              {
                "name": "ADV-2008-0599",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/0599"
              },
              {
                "name": "sdk-jre-applet-restriction-bypass(18188)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
              },
              {
                "name": "101523",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
              },
              {
                "name": "VU#760344",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/760344"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
              },
              {
                "name": "57591",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUNALERT",
                  "x_transferred"
                ],
                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-11-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jouko.iki.fi/adv/javaplugin.html"
            },
            {
              "name": "oval:org.mitre.oval:def:5674",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
            },
            {
              "name": "APPLE-SA-2005-02-22",
              "tags": [
                "vendor-advisory",
                "x_refsource_APPLE"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
            },
            {
              "name": "13271",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13271"
            },
            {
              "name": "29035",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/29035"
            },
            {
              "name": "61",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/61"
            },
            {
              "name": "12317",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/12317"
            },
            {
              "name": "ADV-2008-0599",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0599"
            },
            {
              "name": "sdk-jre-applet-restriction-bypass(18188)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
            },
            {
              "name": "101523",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
            },
            {
              "name": "VU#760344",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/760344"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
            },
            {
              "name": "57591",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUNALERT"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1029",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
                },
                {
                  "name": "http://jouko.iki.fi/adv/javaplugin.html",
                  "refsource": "MISC",
                  "url": "http://jouko.iki.fi/adv/javaplugin.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:5674",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
                },
                {
                  "name": "APPLE-SA-2005-02-22",
                  "refsource": "APPLE",
                  "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
                },
                {
                  "name": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html",
                  "refsource": "CONFIRM",
                  "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
                },
                {
                  "name": "13271",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13271"
                },
                {
                  "name": "29035",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/29035"
                },
                {
                  "name": "61",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/61"
                },
                {
                  "name": "12317",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/12317"
                },
                {
                  "name": "ADV-2008-0599",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/0599"
                },
                {
                  "name": "sdk-jre-applet-restriction-bypass(18188)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
                },
                {
                  "name": "101523",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
                },
                {
                  "name": "VU#760344",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/760344"
                },
                {
                  "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
                },
                {
                  "name": "57591",
                  "refsource": "SUNALERT",
                  "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1029",
        "datePublished": "2004-11-24T05:00:00.000Z",
        "dateReserved": "2004-11-12T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:39:00.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0369 (GCVE-0-2004-0369)

    Vulnerability from nvd – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.auscert.org.au/render.html?it=4339 third-party-advisoryx_refsource_AUSCERT
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://xforce.iss.net/xforce/alerts/id/181 third-party-advisoryx_refsource_ISS
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.ciac.org/ciac/bulletins/o-206.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    http://www.securityfocus.com/bid/11039 vdb-entryx_refsource_BID
    Date Public
    2004-08-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.359Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ESB-2004.0538",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_AUSCERT",
                  "x_transferred"
                ],
                "url": "http://www.auscert.org.au/render.html?it=4339"
              },
              {
                "name": "isakmp-spi-size-bo(15669)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
              },
              {
                "name": "20040826 Entrust LibKmp Library Buffer Overflow",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://xforce.iss.net/xforce/alerts/id/181"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
              },
              {
                "name": "O-206",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
              },
              {
                "name": "11039",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11039"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-08-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ESB-2004.0538",
              "tags": [
                "third-party-advisory",
                "x_refsource_AUSCERT"
              ],
              "url": "http://www.auscert.org.au/render.html?it=4339"
            },
            {
              "name": "isakmp-spi-size-bo(15669)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
            },
            {
              "name": "20040826 Entrust LibKmp Library Buffer Overflow",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://xforce.iss.net/xforce/alerts/id/181"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
            },
            {
              "name": "O-206",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
            },
            {
              "name": "11039",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11039"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0369",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ESB-2004.0538",
                  "refsource": "AUSCERT",
                  "url": "http://www.auscert.org.au/render.html?it=4339"
                },
                {
                  "name": "isakmp-spi-size-bo(15669)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
                },
                {
                  "name": "20040826 Entrust LibKmp Library Buffer Overflow",
                  "refsource": "ISS",
                  "url": "http://xforce.iss.net/xforce/alerts/id/181"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
                },
                {
                  "name": "O-206",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
                },
                {
                  "name": "11039",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11039"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0369",
        "datePublished": "2005-04-14T04:00:00.000Z",
        "dateReserved": "2004-03-24T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.359Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1754 (GCVE-0-2004-1754)

    Vulnerability from nvd – Published: 2005-03-09 05:00 – Updated: 2024-08-08 01:00
    VLAI
    Summary
    The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.virus.org/bugtraq-0406/msg00234.html mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/10557 vdb-entryx_refsource_BID
    http://secunia.com/advisories/11888 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    Date Public
    2004-06-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:00:37.237Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
              },
              {
                "name": "10557",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10557"
              },
              {
                "name": "11888",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11888"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-06-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-15T16:39:05.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
            },
            {
              "name": "10557",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10557"
            },
            {
              "name": "11888",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11888"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1754",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
                },
                {
                  "name": "10557",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10557"
                },
                {
                  "name": "11888",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11888"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1754",
        "datePublished": "2005-03-09T05:00:00.000Z",
        "dateReserved": "2005-03-09T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:00:37.237Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1463 (GCVE-0-2002-1463)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
    VLAI
    Summary
    Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:26:28.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
              },
              {
                "name": "5387",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5387"
              },
              {
                "name": "symantec-tcp-seq-predict(12836)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
              },
              {
                "name": "855",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/855"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-18T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
            },
            {
              "name": "5387",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5387"
            },
            {
              "name": "symantec-tcp-seq-predict(12836)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
            },
            {
              "name": "855",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/855"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1463",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
                },
                {
                  "name": "5387",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5387"
                },
                {
                  "name": "symantec-tcp-seq-predict(12836)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
                },
                {
                  "name": "855",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/855"
                },
                {
                  "name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1463",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2003-02-05T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:26:28.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0106 (GCVE-0-2003-0106)

    Vulnerability from nvd – Published: 2003-03-27 05:00 – Updated: 2024-08-08 01:43
    VLAI
    Summary
    The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2003-03-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:43:35.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
              },
              {
                "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
              },
              {
                "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754"
              },
              {
                "name": "7196",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/7196"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-03-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
            },
            {
              "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
            },
            {
              "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754"
            },
            {
              "name": "7196",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/7196"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0106",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=104869513822233\u0026w=2"
                },
                {
                  "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html"
                },
                {
                  "name": "20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=104868285106289\u0026w=2"
                },
                {
                  "name": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754",
                  "refsource": "CONFIRM",
                  "url": "http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754"
                },
                {
                  "name": "7196",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/7196"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0106",
        "datePublished": "2003-03-27T05:00:00.000Z",
        "dateReserved": "2003-02-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:43:35.881Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1535 (GCVE-0-2002-1535)

    Vulnerability from nvd – Published: 2003-03-18 05:00 – Updated: 2024-08-08 03:26
    VLAI
    Summary
    Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:26:28.914Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5959",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5959"
              },
              {
                "name": "simple-webserver-topology-disclosure(10363)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10363.php"
              },
              {
                "name": "20021014 Symantec Enterprise Firewall Secure Webserver info leak",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-16T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5959",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5959"
            },
            {
              "name": "simple-webserver-topology-disclosure(10363)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10363.php"
            },
            {
              "name": "20021014 Symantec Enterprise Firewall Secure Webserver info leak",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1535",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5959",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5959"
                },
                {
                  "name": "simple-webserver-topology-disclosure(10363)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10363.php"
                },
                {
                  "name": "20021014 Symantec Enterprise Firewall Secure Webserver info leak",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1535",
        "datePublished": "2003-03-18T05:00:00.000Z",
        "dateReserved": "2003-02-23T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:26:28.914Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-2294 (GCVE-0-2002-2294)

    Vulnerability from nvd – Published: 2007-10-18 10:00 – Updated: 2024-08-08 03:59
    VLAI
    Summary
    Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-12-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:59:11.399Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
              },
              {
                "name": "sef-realaudio-proxy-bo(10862)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
              },
              {
                "name": "6389",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/6389"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-12-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
            },
            {
              "name": "sef-realaudio-proxy-bo(10862)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
            },
            {
              "name": "6389",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/6389"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-2294",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
                },
                {
                  "name": "sef-realaudio-proxy-bo(10862)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
                },
                {
                  "name": "6389",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/6389"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-2294",
        "datePublished": "2007-10-18T10:00:00.000Z",
        "dateReserved": "2007-10-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:59:11.399Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0990 (GCVE-0-2002-0990)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:12
    VLAI
    Summary
    The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-10-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:12:16.897Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "simple-webserver-url-dos(10364)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10364.php"
              },
              {
                "name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
              },
              {
                "name": "5958",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5958"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-10-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "simple-webserver-url-dos(10364)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10364.php"
            },
            {
              "name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
            },
            {
              "name": "5958",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5958"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0990",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "simple-webserver-url-dos(10364)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10364.php"
                },
                {
                  "name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
                },
                {
                  "name": "5958",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5958"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0990",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2002-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:12:16.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0538 (GCVE-0-2002-0538)

    Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
    VLAI
    Summary
    FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-04-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:49:28.883Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4522",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4522"
              },
              {
                "name": "20020415 Raptor Firewall FTP Bounce vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
              },
              {
                "name": "raptor-firewall-ftp-bounce(8847)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8847.php"
              },
              {
                "name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-04-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-06-15T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4522",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4522"
            },
            {
              "name": "20020415 Raptor Firewall FTP Bounce vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
            },
            {
              "name": "raptor-firewall-ftp-bounce(8847)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8847.php"
            },
            {
              "name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0538",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4522",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4522"
                },
                {
                  "name": "20020415 Raptor Firewall FTP Bounce vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
                },
                {
                  "name": "raptor-firewall-ftp-bounce(8847)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8847.php"
                },
                {
                  "name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0538",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:49:28.883Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0302 (GCVE-0-2002-0302)

    Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
    VLAI
    Summary
    The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-02-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:42:28.998Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4139",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4139"
              },
              {
                "name": "sef-snmp-notify-loss(8253)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
              },
              {
                "name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-02-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4139",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4139"
            },
            {
              "name": "sef-snmp-notify-loss(8253)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
            },
            {
              "name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0302",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4139",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4139"
                },
                {
                  "name": "sef-snmp-notify-loss(8253)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
                },
                {
                  "name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0302",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:42:28.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0309 (GCVE-0-2002-0309)

    Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
    VLAI
    Summary
    SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-02-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:42:29.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101424307617060\u0026w=2"
              },
              {
                "name": "sef-smtp-proxy-information(8251)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8251.php"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html"
              },
              {
                "name": "20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=101430810813853\u0026w=2"
              },
              {
                "name": "4141",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4141"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-02-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall\u0027s physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-20T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101424307617060\u0026w=2"
            },
            {
              "name": "sef-smtp-proxy-information(8251)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8251.php"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html"
            },
            {
              "name": "20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=101430810813853\u0026w=2"
            },
            {
              "name": "4141",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4141"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0309",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall\u0027s physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101424307617060\u0026w=2"
                },
                {
                  "name": "sef-smtp-proxy-information(8251)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8251.php"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html"
                },
                {
                  "name": "20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=101430810813853\u0026w=2"
                },
                {
                  "name": "4141",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4141"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0309",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:42:29.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }