Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for firewall_vpn_appliance_100 by symantec

    CVE-2005-3768 (GCVE-0-2005-3768)

    Vulnerability from nvd – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015247 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17684 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2517 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015249 vdb-entryx_refsource_SECTRACK
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://securitytracker.com/id?1015248 vdb-entryx_refsource_SECTRACK
    Date Public
    2005-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.178Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015247"
              },
              {
                "name": "17684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17684"
              },
              {
                "name": "ADV-2005-2517",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2517"
              },
              {
                "name": "1015249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015249"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
              },
              {
                "name": "1015248",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015248"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015247",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015247"
            },
            {
              "name": "17684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17684"
            },
            {
              "name": "ADV-2005-2517",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2517"
            },
            {
              "name": "1015249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015249"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
            },
            {
              "name": "1015248",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015248"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3768",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015247",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015247"
                },
                {
                  "name": "17684",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17684"
                },
                {
                  "name": "ADV-2005-2517",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2517"
                },
                {
                  "name": "1015249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015249"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
                },
                {
                  "name": "1015248",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015248"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3768",
        "datePublished": "2005-11-23T00:00:00.000Z",
        "dateReserved": "2005-11-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1474 (GCVE-0-2004-1474)

    Vulnerability from nvd – Published: 2005-02-13 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/12635 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.kb.cert.org/vuls/id/173910 third-party-advisoryx_refsource_CERT-VN
    http://marc.info/?l=bugtraq&m=109588376426070&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/10206 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/11237 vdb-entryx_refsource_BID
    Date Public
    2004-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:24.010Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "12635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12635"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
              },
              {
                "name": "VU#173910",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/173910"
              },
              {
                "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
              },
              {
                "name": "10206",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/10206"
              },
              {
                "name": "symantec-default-snmp(17471)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
              },
              {
                "name": "11237",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11237"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "12635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12635"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
            },
            {
              "name": "VU#173910",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/173910"
            },
            {
              "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
            },
            {
              "name": "10206",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/10206"
            },
            {
              "name": "symantec-default-snmp(17471)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
            },
            {
              "name": "11237",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11237"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1474",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "12635",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12635"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
                },
                {
                  "name": "VU#173910",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/173910"
                },
                {
                  "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
                },
                {
                  "name": "10206",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/10206"
                },
                {
                  "name": "symantec-default-snmp(17471)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
                },
                {
                  "name": "11237",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11237"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1474",
        "datePublished": "2005-02-13T05:00:00.000Z",
        "dateReserved": "2005-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:24.010Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1472 (GCVE-0-2004-1472)

    Vulnerability from nvd – Published: 2005-02-13 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/12635 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://marc.info/?l=bugtraq&m=109588376426070&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/441078 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/11237 vdb-entryx_refsource_BID
    http://www.osvdb.org/10204 vdb-entryx_refsource_OSVDB
    Date Public
    2004-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:23.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "12635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12635"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
              },
              {
                "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
              },
              {
                "name": "symantec-firewallvpn-udp-dos(17469)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"
              },
              {
                "name": "VU#441078",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/441078"
              },
              {
                "name": "11237",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11237"
              },
              {
                "name": "10204",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/10204"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "12635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12635"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
            },
            {
              "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
            },
            {
              "name": "symantec-firewallvpn-udp-dos(17469)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"
            },
            {
              "name": "VU#441078",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/441078"
            },
            {
              "name": "11237",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11237"
            },
            {
              "name": "10204",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/10204"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1472",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "12635",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12635"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
                },
                {
                  "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
                },
                {
                  "name": "symantec-firewallvpn-udp-dos(17469)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"
                },
                {
                  "name": "VU#441078",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/441078"
                },
                {
                  "name": "11237",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11237"
                },
                {
                  "name": "10204",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/10204"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1472",
        "datePublished": "2005-02-13T05:00:00.000Z",
        "dateReserved": "2005-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:23.927Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1473 (GCVE-0-2004-1473)

    Vulnerability from nvd – Published: 2005-02-13 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/12635 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://marc.info/?l=bugtraq&m=109588376426070&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/11237 vdb-entryx_refsource_BID
    http://www.osvdb.org/10205 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/329230 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:23.948Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "symantec-udp-obtain-info(17470)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
              },
              {
                "name": "12635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12635"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
              },
              {
                "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
              },
              {
                "name": "11237",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11237"
              },
              {
                "name": "10205",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/10205"
              },
              {
                "name": "VU#329230",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/329230"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "symantec-udp-obtain-info(17470)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
            },
            {
              "name": "12635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12635"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
            },
            {
              "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
            },
            {
              "name": "11237",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11237"
            },
            {
              "name": "10205",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/10205"
            },
            {
              "name": "VU#329230",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/329230"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1473",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "symantec-udp-obtain-info(17470)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
                },
                {
                  "name": "12635",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12635"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
                },
                {
                  "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
                },
                {
                  "name": "11237",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11237"
                },
                {
                  "name": "10205",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/10205"
                },
                {
                  "name": "VU#329230",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/329230"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1473",
        "datePublished": "2005-02-13T05:00:00.000Z",
        "dateReserved": "2005-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:23.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0190 (GCVE-0-2004-0190)

    Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=107694794031839&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/9784 vdb-entryx_refsource_BID
    http://www.osvdb.org/4117 vdb-entryx_refsource_OSVDB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    Date Public
    2004-02-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.624Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "symantec-firewallvpn-password-plaintext(15212)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212"
              },
              {
                "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107694794031839\u0026w=2"
              },
              {
                "name": "9784",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9784"
              },
              {
                "name": "4117",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4117"
              },
              {
                "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator\u0027s local system or in a proxy, which allows attackers to steal the password and gain privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-18T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "symantec-firewallvpn-password-plaintext(15212)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212"
            },
            {
              "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107694794031839\u0026w=2"
            },
            {
              "name": "9784",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9784"
            },
            {
              "name": "4117",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4117"
            },
            {
              "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0190",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator\u0027s local system or in a proxy, which allows attackers to steal the password and gain privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "symantec-firewallvpn-password-plaintext(15212)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212"
                },
                {
                  "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107694794031839\u0026w=2"
                },
                {
                  "name": "9784",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9784"
                },
                {
                  "name": "4117",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4117"
                },
                {
                  "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0190",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.624Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1937 (GCVE-0-2002-1937)

    Vulnerability from nvd – Published: 2005-06-28 04:00 – Updated: 2024-09-16 16:38
    VLAI
    Summary
    Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:43:33.610Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20021022 Re:  Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html"
              },
              {
                "name": "firewallvpn-arp-mitm(10442)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10442.php"
              },
              {
                "name": "20021022 Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator\u0027s MAC address inside the firewall\u0027s configuration, which allows remote attackers to spoof the administrator\u0027s MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator\u0027s password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-06-28T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20021022 Re:  Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html"
            },
            {
              "name": "firewallvpn-arp-mitm(10442)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10442.php"
            },
            {
              "name": "20021022 Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1937",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator\u0027s MAC address inside the firewall\u0027s configuration, which allows remote attackers to spoof the administrator\u0027s MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator\u0027s password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20021022 Re:  Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html"
                },
                {
                  "name": "firewallvpn-arp-mitm(10442)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10442.php"
                },
                {
                  "name": "20021022 Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1937",
        "datePublished": "2005-06-28T04:00:00.000Z",
        "dateReserved": "2005-06-28T04:00:00.000Z",
        "dateUpdated": "2024-09-16T16:38:24.973Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3768 (GCVE-0-2005-3768)

    Vulnerability from cvelistv5 – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24
    VLAI
    Summary
    Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1015247 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/17684 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2005/2517 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015249 vdb-entryx_refsource_SECTRACK
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://securitytracker.com/id?1015248 vdb-entryx_refsource_SECTRACK
    Date Public
    2005-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:24:36.178Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1015247",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015247"
              },
              {
                "name": "17684",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17684"
              },
              {
                "name": "ADV-2005-2517",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/2517"
              },
              {
                "name": "1015249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015249"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
              },
              {
                "name": "1015248",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015248"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1015247",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015247"
            },
            {
              "name": "17684",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17684"
            },
            {
              "name": "ADV-2005-2517",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/2517"
            },
            {
              "name": "1015249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015249"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
            },
            {
              "name": "1015248",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015248"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3768",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1015247",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015247"
                },
                {
                  "name": "17684",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17684"
                },
                {
                  "name": "ADV-2005-2517",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/2517"
                },
                {
                  "name": "1015249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015249"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
                },
                {
                  "name": "1015248",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015248"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3768",
        "datePublished": "2005-11-23T00:00:00.000Z",
        "dateReserved": "2005-11-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:24:36.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1937 (GCVE-0-2002-1937)

    Vulnerability from cvelistv5 – Published: 2005-06-28 04:00 – Updated: 2024-09-16 16:38
    VLAI
    Summary
    Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:43:33.610Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20021022 Re:  Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html"
              },
              {
                "name": "firewallvpn-arp-mitm(10442)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/10442.php"
              },
              {
                "name": "20021022 Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator\u0027s MAC address inside the firewall\u0027s configuration, which allows remote attackers to spoof the administrator\u0027s MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator\u0027s password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-06-28T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20021022 Re:  Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html"
            },
            {
              "name": "firewallvpn-arp-mitm(10442)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/10442.php"
            },
            {
              "name": "20021022 Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1937",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator\u0027s MAC address inside the firewall\u0027s configuration, which allows remote attackers to spoof the administrator\u0027s MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator\u0027s password."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20021022 Re:  Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html"
                },
                {
                  "name": "firewallvpn-arp-mitm(10442)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/10442.php"
                },
                {
                  "name": "20021022 Sniffing Administrator\u0027s Password in Symantec Firewall/VPN Appliance V. 200R",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1937",
        "datePublished": "2005-06-28T04:00:00.000Z",
        "dateReserved": "2005-06-28T04:00:00.000Z",
        "dateUpdated": "2024-09-16T16:38:24.973Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1474 (GCVE-0-2004-1474)

    Vulnerability from cvelistv5 – Published: 2005-02-13 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/12635 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://www.kb.cert.org/vuls/id/173910 third-party-advisoryx_refsource_CERT-VN
    http://marc.info/?l=bugtraq&m=109588376426070&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/10206 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/11237 vdb-entryx_refsource_BID
    Date Public
    2004-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:24.010Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "12635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12635"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
              },
              {
                "name": "VU#173910",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/173910"
              },
              {
                "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
              },
              {
                "name": "10206",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/10206"
              },
              {
                "name": "symantec-default-snmp(17471)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
              },
              {
                "name": "11237",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11237"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "12635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12635"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
            },
            {
              "name": "VU#173910",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/173910"
            },
            {
              "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
            },
            {
              "name": "10206",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/10206"
            },
            {
              "name": "symantec-default-snmp(17471)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
            },
            {
              "name": "11237",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11237"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1474",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall\u0027s configuration file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "12635",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12635"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
                },
                {
                  "name": "VU#173910",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/173910"
                },
                {
                  "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
                },
                {
                  "name": "10206",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/10206"
                },
                {
                  "name": "symantec-default-snmp(17471)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17471"
                },
                {
                  "name": "11237",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11237"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1474",
        "datePublished": "2005-02-13T05:00:00.000Z",
        "dateReserved": "2005-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:24.010Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1472 (GCVE-0-2004-1472)

    Vulnerability from cvelistv5 – Published: 2005-02-13 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/12635 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://marc.info/?l=bugtraq&m=109588376426070&w=2 mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/441078 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/11237 vdb-entryx_refsource_BID
    http://www.osvdb.org/10204 vdb-entryx_refsource_OSVDB
    Date Public
    2004-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:23.927Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "12635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12635"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
              },
              {
                "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
              },
              {
                "name": "symantec-firewallvpn-udp-dos(17469)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"
              },
              {
                "name": "VU#441078",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/441078"
              },
              {
                "name": "11237",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11237"
              },
              {
                "name": "10204",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/10204"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "12635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12635"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
            },
            {
              "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
            },
            {
              "name": "symantec-firewallvpn-udp-dos(17469)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"
            },
            {
              "name": "VU#441078",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/441078"
            },
            {
              "name": "11237",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11237"
            },
            {
              "name": "10204",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/10204"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1472",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "12635",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12635"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
                },
                {
                  "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
                },
                {
                  "name": "symantec-firewallvpn-udp-dos(17469)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"
                },
                {
                  "name": "VU#441078",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/441078"
                },
                {
                  "name": "11237",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11237"
                },
                {
                  "name": "10204",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/10204"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1472",
        "datePublished": "2005-02-13T05:00:00.000Z",
        "dateReserved": "2005-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:23.927Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1473 (GCVE-0-2004-1473)

    Vulnerability from cvelistv5 – Published: 2005-02-13 05:00 – Updated: 2024-08-08 00:53
    VLAI
    Summary
    Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/12635 third-party-advisoryx_refsource_SECUNIA
    http://securityresponse.symantec.com/avcenter/sec… x_refsource_CONFIRM
    http://marc.info/?l=bugtraq&m=109588376426070&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/11237 vdb-entryx_refsource_BID
    http://www.osvdb.org/10205 vdb-entryx_refsource_OSVDB
    http://www.kb.cert.org/vuls/id/329230 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:53:23.948Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "symantec-udp-obtain-info(17470)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
              },
              {
                "name": "12635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12635"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
              },
              {
                "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
              },
              {
                "name": "11237",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11237"
              },
              {
                "name": "10205",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/10205"
              },
              {
                "name": "VU#329230",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/329230"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "symantec-udp-obtain-info(17470)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
            },
            {
              "name": "12635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12635"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
            },
            {
              "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
            },
            {
              "name": "11237",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11237"
            },
            {
              "name": "10205",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/10205"
            },
            {
              "name": "VU#329230",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/329230"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1473",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "symantec-udp-obtain-info(17470)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
                },
                {
                  "name": "12635",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12635"
                },
                {
                  "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html",
                  "refsource": "CONFIRM",
                  "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"
                },
                {
                  "name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
                },
                {
                  "name": "11237",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11237"
                },
                {
                  "name": "10205",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/10205"
                },
                {
                  "name": "VU#329230",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/329230"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1473",
        "datePublished": "2005-02-13T05:00:00.000Z",
        "dateReserved": "2005-02-13T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:53:23.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0190 (GCVE-0-2004-0190)

    Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://marc.info/?l=bugtraq&m=107694794031839&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/9784 vdb-entryx_refsource_BID
    http://www.osvdb.org/4117 vdb-entryx_refsource_OSVDB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    Date Public
    2004-02-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.624Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "symantec-firewallvpn-password-plaintext(15212)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212"
              },
              {
                "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107694794031839\u0026w=2"
              },
              {
                "name": "9784",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9784"
              },
              {
                "name": "4117",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/4117"
              },
              {
                "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-02-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator\u0027s local system or in a proxy, which allows attackers to steal the password and gain privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-08-18T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "symantec-firewallvpn-password-plaintext(15212)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212"
            },
            {
              "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107694794031839\u0026w=2"
            },
            {
              "name": "9784",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9784"
            },
            {
              "name": "4117",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/4117"
            },
            {
              "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0190",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator\u0027s local system or in a proxy, which allows attackers to steal the password and gain privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "symantec-firewallvpn-password-plaintext(15212)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15212"
                },
                {
                  "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107694794031839\u0026w=2"
                },
                {
                  "name": "9784",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9784"
                },
                {
                  "name": "4117",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/4117"
                },
                {
                  "name": "20040216 Symantec FireWall/VPN Appliance model 200 leak of security",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0190",
        "datePublished": "2004-09-01T04:00:00.000Z",
        "dateReserved": "2004-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.624Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }