Secunia Security Advisory - A vulnerability has been reported in various Symantec gateway products, which can be exploited by malicious people to poison the DNS cache.
ea052e2edbc2c2ab9a4618f7a2be196eaa02fdd27eafadd2f55ba418ea513eff
----------------------------------------------------------------------
Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS
Request Trial:
https://ca.secunia.com/?f=l
----------------------------------------------------------------------
TITLE:
Symantec Products Unspecified DNS Cache Poisoning Vulnerability
SECUNIA ADVISORY ID:
SA14595
VERIFY ADVISORY:
http://secunia.com/advisories/14595/
CRITICAL:
Moderately critical
IMPACT:
Spoofing, Manipulation of data
WHERE:
>From remote
OPERATING SYSTEM:
Symantec VelociRaptor 1.5
http://secunia.com/product/174/
Symantec Gateway Security 2.x
http://secunia.com/product/3104/
Symantec Gateway Security 1.x
http://secunia.com/product/876/
SOFTWARE:
Symantec Enterprise Firewall (SEF) 8.x
http://secunia.com/product/3587/
Symantec Enterprise Firewall (SEF) 7.x
http://secunia.com/product/514/
DESCRIPTION:
A vulnerability has been reported in various Symantec gateway
products, which can be exploited by malicious people to poison the
DNS cache.
The vulnerability is caused due to an unspecified error in the DNS
proxy (DNSd) when functioning as a DNS caching server or primary DNS
server and can be exploited to poison the DNS cache.
The vulnerability may be related to:
SA11888
The following products are affected:
* Symantec Gateway Security 5400 Series, v2.x
* Symantec Gateway Security 5300 Series, v1.0
* Symantec Enterprise Firewall, v7.0.x (Windows and Solaris)
* Symantec Enterprise Firewall v8.0 (Windows and Solaris)
* Symantec VelociRaptor, Model 1100/1200/1300 v1.5
NOTE: This has already been exploited in the wild.
SOLUTION:
The vendor has issued hotfixes.
http://www.symantec.com/techsupp
ORIGINAL ADVISORY:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html
http://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454
OTHER REFERENCES:
SA11888:
http://secunia.com/advisories/11888/
Internet Storm Center:
http://www.isc.sans.org/diary.php?date=2005-03-04
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed