Secunia Security Advisory - Symantec has acknowledged three vulnerabilities in the Nexland Firewall Appliances, which can be exploited by malicious people to cause a DoS (Denial of Service), identify active services, and manipulate the firewall configuration.
4803087c1aa3833fb14343e12dda8b3921d0e4b3b4444fe122440c1e47937c9f
TITLE:
Symantec Nexland Firewall Appliances Three Vulnerabilities
SECUNIA ADVISORY ID:
SA13671
VERIFY ADVISORY:
http://secunia.com/advisories/13671/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, Manipulation of data, DoS
WHERE:
>From remote
OPERATING SYSTEM:
Symantec Nexland Firewall Appliances 1.x
http://secunia.com/product/4466/
DESCRIPTION:
Symantec has acknowledged three vulnerabilities in the Nexland
Firewall Appliances, which can be exploited by malicious people to
cause a DoS (Denial of Service), identify active services, and
manipulate the firewall configuration.
For more information:
SA12635
The vulnerabilities affect the following products:
* Nexland ISB SOHO Firewall Appliance(firmware builds prior to build
16U)
* Nexland Pro100, Pro400 Firewall Appliances (firmware builds prior
to build 16U)
* Nexland Pro800, Pro800turbo Firewall Appliances (firmware builds
prior to build 16U)
* Nexland WaveBase Firewall Appliances (firmware builds prior to
build 16U)
SOLUTION:
Update to firmware build 16U.
http://www.symantec.com/techsupp/
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html
ftp://ftp.symantec.com/public/english_us_canada/products/nexland/firmware/pro400_16u/readme.rtf
OTHER REFERENCES:
SA12635:
http://secunia.com/advisories/12635/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------