var-200412-0170
Vulnerability from variot
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. These issues are due to a failure of the application to handle exceptional conditions, a default configuration issue exists as well. An attacker can leverage a denial of service issue to cause the affected appliance to stop responding, requiring a power off to bring the device back to functionality. A filter bypass issue allows an attacker to bypass the filters on the 'tftpd', 'snmpd', and 'isakmp' services. An attacker can also read and write the community string of the affected device by default, facilitating disclosure and altering of the device's settings. Symantec Nexland legacy firewall appliances are also affected by these issues. Symantec Enterprise Firewall/VPN is an enterprise-level firewall/VPN system. Symantec Enterprise Firewall/VPN has a default public string, and remote attackers can use this value to obtain sensitive information or perform some configuration operations. Firewalls have default read/write public strings that allow attackers to collect and change firewall configurations. By combining other vulnerabilities, an attacker can send SNMP GET/SET requests to the WAN interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "gateway security 320",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "firewall vpn appliance 200r",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "firewall vpn appliance 200",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland pro800 firewall appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland wavebase firewall appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "firewall vpn appliance 100",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland pro800turbo firewall appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland pro400 firewall appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "gateway security 360r",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland isb soho firewall appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland pro100 firewall appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "nexland wavebase firewall appliance",
"scope": null,
"trust": 0.9,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro800turbo firewall appliance",
"scope": null,
"trust": 0.9,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro100 firewall appliance",
"scope": null,
"trust": 0.9,
"vendor": "symantec",
"version": null
},
{
"model": "nexland isb soho firewall appliance",
"scope": null,
"trust": 0.9,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 360r",
"scope": null,
"trust": 0.9,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 360",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "firewall vpn appliance 200r",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "firewall vpn appliance 100",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security 320",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "firewall vpn appliance 200",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro800 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "nexland pro400 firewall appliance",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "360"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "320"
},
{
"model": "firewall/vpn appliance 200r",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "200"
},
{
"model": "firewall/vpn appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "100"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#441078"
},
{
"db": "CERT/CC",
"id": "VU#329230"
},
{
"db": "CERT/CC",
"id": "VU#173910"
},
{
"db": "BID",
"id": "11237"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mike Sues\u203b msues@rigelksecurity.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
}
],
"trust": 0.6
},
"cve": "CVE-2004-1473",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2004-1473",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9903",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-1473",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#441078",
"trust": 0.8,
"value": "5.78"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#329230",
"trust": 0.8,
"value": "6.06"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#173910",
"trust": 0.8,
"value": "15.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-900",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9903",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#441078"
},
{
"db": "CERT/CC",
"id": "VU#329230"
},
{
"db": "CERT/CC",
"id": "VU#173910"
},
{
"db": "VULHUB",
"id": "VHN-9903"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. These issues are due to a failure of the application to handle exceptional conditions, a default configuration issue exists as well. \nAn attacker can leverage a denial of service issue to cause the affected appliance to stop responding, requiring a power off to bring the device back to functionality. A filter bypass issue allows an attacker to bypass the filters on the \u0027tftpd\u0027, \u0027snmpd\u0027, and \u0027isakmp\u0027 services. An attacker can also read and write the community string of the affected device by default, facilitating disclosure and altering of the device\u0027s settings. \nSymantec Nexland legacy firewall appliances are also affected by these issues. Symantec Enterprise Firewall/VPN is an enterprise-level firewall/VPN system. Symantec Enterprise Firewall/VPN has a default public string, and remote attackers can use this value to obtain sensitive information or perform some configuration operations. Firewalls have default read/write public strings that allow attackers to collect and change firewall configurations. By combining other vulnerabilities, an attacker can send SNMP GET/SET requests to the WAN interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1473"
},
{
"db": "CERT/CC",
"id": "VU#441078"
},
{
"db": "CERT/CC",
"id": "VU#329230"
},
{
"db": "CERT/CC",
"id": "VU#173910"
},
{
"db": "BID",
"id": "11237"
},
{
"db": "VULHUB",
"id": "VHN-9903"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11237",
"trust": 4.4
},
{
"db": "SECUNIA",
"id": "12635",
"trust": 4.1
},
{
"db": "CERT/CC",
"id": "VU#329230",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1011389",
"trust": 2.4
},
{
"db": "NVD",
"id": "CVE-2004-1473",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "10205",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1011388",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#441078",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "10206",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#173910",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-900",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "6941",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6943",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6943\u203b6942\u203b6941",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "6942",
"trust": 0.6
},
{
"db": "XF",
"id": "17470",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20040922 MULTIPLE VULNERABILITIES IN SYMANTEC ENTERPRISE FIREWALL/GATEWAY SECURITY PRODUCTS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9903",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#441078"
},
{
"db": "CERT/CC",
"id": "VU#329230"
},
{
"db": "CERT/CC",
"id": "VU#173910"
},
{
"db": "VULHUB",
"id": "VHN-9903"
},
{
"db": "BID",
"id": "11237"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"id": "VAR-200412-0170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9903"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T14:00:44.819000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.1,
"url": "http://www.securityfocus.com/bid/11237"
},
{
"trust": 2.4,
"url": "http://www.sarc.com/avcenter/security/content/2004.09.22.html"
},
{
"trust": 2.4,
"url": "http://www.rigelksecurity.com/services/svcs_sec_advis.html"
},
{
"trust": 2.4,
"url": "http://secunia.com/advisories/12635/"
},
{
"trust": 2.4,
"url": "http://www.securitytracker.com/alerts/2004/sep/1011389.html"
},
{
"trust": 2.0,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2004.09.22.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/329230"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/10205"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12635"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/alerts/2004/sep/1011388.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17470"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10206"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17470"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=109588376426070\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/6943\u203b6942\u203b6941"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/techsupp"
},
{
"trust": 0.3,
"url": "http://enterprisesecurity.symantec.com/products/products.cfm?productid=133\u0026eid=0"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/376029"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=109588376426070\u0026amp;w=2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#441078"
},
{
"db": "CERT/CC",
"id": "VU#329230"
},
{
"db": "CERT/CC",
"id": "VU#173910"
},
{
"db": "VULHUB",
"id": "VHN-9903"
},
{
"db": "BID",
"id": "11237"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#441078"
},
{
"db": "CERT/CC",
"id": "VU#329230"
},
{
"db": "CERT/CC",
"id": "VU#173910"
},
{
"db": "VULHUB",
"id": "VHN-9903"
},
{
"db": "BID",
"id": "11237"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-20T00:00:00",
"db": "CERT/CC",
"id": "VU#441078"
},
{
"date": "2004-10-20T00:00:00",
"db": "CERT/CC",
"id": "VU#329230"
},
{
"date": "2004-10-20T00:00:00",
"db": "CERT/CC",
"id": "VU#173910"
},
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9903"
},
{
"date": "2004-09-22T00:00:00",
"db": "BID",
"id": "11237"
},
{
"date": "2004-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-10-20T00:00:00",
"db": "CERT/CC",
"id": "VU#441078"
},
{
"date": "2004-10-20T00:00:00",
"db": "CERT/CC",
"id": "VU#329230"
},
{
"date": "2004-10-20T00:00:00",
"db": "CERT/CC",
"id": "VU#173910"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9903"
},
{
"date": "2004-09-22T00:00:00",
"db": "BID",
"id": "11237"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-900"
},
{
"date": "2017-07-11T01:31:03.857000",
"db": "NVD",
"id": "CVE-2004-1473"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Firewall/VPN appliance vulnerable to DoS via UDP port scan",
"sources": [
{
"db": "CERT/CC",
"id": "VU#441078"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-900"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.