var-200505-0530
Vulnerability from variot
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites. The underlying issue causing this vulnerability is currently unknown. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site impersonation, or denial of service attacks.
The vulnerability is caused due to an unspecified error in the DNS proxy (DNSd) when functioning as a DNS caching server or primary DNS server and can be exploited to poison the DNS cache.
SOLUTION: The vendor has issued hotfixes. http://www.symantec.com/techsupp
ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html http://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454
OTHER REFERENCES: SA11888: http://secunia.com/advisories/11888/
Internet Storm Center: http://www.isc.sans.org/diary.php?date=2005-03-04
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0530",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "model_1300"
},
{
"model": "gateway security 5300",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "gateway security 5400",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "13001.5"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1300"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12001.5"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1200"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11001.5"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1100"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0.1"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53001.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5300"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "12818"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "12818"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0817",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0817",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-12026",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0817",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-240",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-12026",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12026"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites. The underlying issue causing this vulnerability is currently unknown. \nAn attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site impersonation, or denial of service attacks. \n\nThe vulnerability is caused due to an unspecified error in the DNS\nproxy (DNSd) when functioning as a DNS caching server or primary DNS\nserver and can be exploited to poison the DNS cache. \n\nSOLUTION:\nThe vendor has issued hotfixes. \nhttp://www.symantec.com/techsupp\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html\nhttp://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454\n\nOTHER REFERENCES:\nSA11888:\nhttp://secunia.com/advisories/11888/\n\nInternet Storm Center:\nhttp://www.isc.sans.org/diary.php?date=2005-03-04\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0817"
},
{
"db": "BID",
"id": "12818"
},
{
"db": "VULHUB",
"id": "VHN-12026"
},
{
"db": "PACKETSTORM",
"id": "36656"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0817",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14595",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1013451",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20040615 SYMANTEC ENTERPRISE FIREWALL DNSD CACHE POISONING VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "44530",
"trust": 0.6
},
{
"db": "XF",
"id": "16423",
"trust": 0.6
},
{
"db": "BID",
"id": "12818",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-12026",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36656",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12026"
},
{
"db": "BID",
"id": "12818"
},
{
"db": "PACKETSTORM",
"id": "36656"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"id": "VAR-200505-0530",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-12026"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:20:17.255000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.03.15.html"
},
{
"trust": 1.8,
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013451"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/14595"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/44530"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/16423"
},
{
"trust": 0.3,
"url": "http://enterprisesecurity.symantec.com/products/products.cfm?productid=47"
},
{
"trust": 0.3,
"url": "http://enterprisesecurity.symantec.com/products/products.cfm?productid=133\u0026eid=0"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3104/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/techsupp"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/11888/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/174/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3587/"
},
{
"trust": 0.1,
"url": "http://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/514/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?f=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/876/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12026"
},
{
"db": "BID",
"id": "12818"
},
{
"db": "PACKETSTORM",
"id": "36656"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-12026"
},
{
"db": "BID",
"id": "12818"
},
{
"db": "PACKETSTORM",
"id": "36656"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-12026"
},
{
"date": "2005-03-16T00:00:00",
"db": "BID",
"id": "12818"
},
{
"date": "2005-03-22T05:21:38",
"db": "PACKETSTORM",
"id": "36656"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-12026"
},
{
"date": "2009-07-12T10:56:00",
"db": "BID",
"id": "12818"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-240"
},
{
"date": "2024-11-20T23:55:58.040000",
"db": "NVD",
"id": "CVE-2005-0817"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Gateway Security Unknown remote DNS Cache poisoning vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-240"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.