Details of VAR-200304-0054

ID

VAR-200304-0054

CVE

CVE-2003-0106

TITLE

Symantec Enterprise Firewall of URL Vulnerabilities that bypass the filtering function

Trust: 0.8

sources: JVNDB: JVNDB-2003-000097

DESCRIPTION

The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. When a URL containing a pattern that matches a pattern blocking rule is submitted by a user behind the firewall, that HTTP request will be blocked. The URL rule filtering of the Symantec enterprise firewall lacks proper handling of some codes, and remote attackers can use this vulnerability to bypass security policies and access restricted resources. The HTTP pattern matching function is completed by analyzing the HTTP URL format and comparing the predefined feature database. When the configuration is successful, the request will be blocked and the \'\'403 Forbidden error\'\' message will be returned. However, if the requested URL uses a special encoding (such as escape code, Unicode, UTF-8, etc.), the parsing of the pattern matching will fail, and the attacker successfully bypasses the security rules and accesses the restricted resource

Trust: 1.98

sources: NVD: CVE-2003-0106 // JVNDB: JVNDB-2003-000097 // BID: 7196 // VULHUB: VHN-6936

AFFECTED PRODUCTS

vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	7.0	Trust: 2.4
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	7.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	7.0	Trust: 0.3

sources: BID: 7196 // JVNDB: JVNDB-2003-000097 // CNNVD: CNNVD-200304-026 // NVD: CVE-2003-0106

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2003-0106
value:	HIGH
Trust: 1.0
NVD:	CVE-2003-0106
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200304-026
value:	HIGH
Trust: 0.6
VULHUB:	VHN-6936
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2003-0106
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-6936
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-6936 // JVNDB: JVNDB-2003-000097 // CNNVD: CNNVD-200304-026 // NVD: CVE-2003-0106

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0106

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200304-026

TYPE

Design Error

Trust: 0.9

sources: BID: 7196 // CNNVD: CNNVD-200304-026

CONFIGURATIONS

sources: JVNDB: JVNDB-2003-000097

PATCH

title:

2003032507434754

url:

http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754

Trust: 0.8

sources: JVNDB: JVNDB-2003-000097

EXTERNAL IDS

db:	BID	id:	7196	Trust: 2.8
db:	NVD	id:	CVE-2003-0106	Trust: 2.8
db:	JVNDB	id:	JVNDB-2003-000097	Trust: 0.8
db:	CNNVD	id:	CNNVD-200304-026	Trust: 0.7
db:	NTBUGTRAQ	id:	20030326 CORSAIRE SECURITY ADVISORY - SYMANTEC ENTERPRISE FIREWALL (SEF) H TTP URL PATTERN EVASION ISSUE	Trust: 0.6
db:	VULNWATCH	id:	20030326 CORSAIRE SECURITY ADVISORY - SYMANTEC ENTERPRISE FIREWALL (SEF) H TTP URL PATTERN EVASION ISSUE	Trust: 0.6
db:	BUGTRAQ	id:	20030326 CORSAIRE SECURITY ADVISORY - SYMANTEC ENTERPRISE FIREWALL (SEF) H TTP URL PATTERN EVASION ISSUE	Trust: 0.6
db:	VULHUB	id:	VHN-6936	Trust: 0.1

sources: VULHUB: VHN-6936 // BID: 7196 // JVNDB: JVNDB-2003-000097 // CNNVD: CNNVD-200304-026 // NVD: CVE-2003-0106

REFERENCES

url:	http://www.securityfocus.com/bid/7196	Trust: 2.5
url:	http://service1.symantec.com/support/ent-gate.nsf/docid/2003032507434754	Trust: 2.0
url:	http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0152.html	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=104869513822233&w=2	Trust: 1.0
url:	http://marc.info/?l=ntbugtraq&m=104868285106289&w=2	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0106	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0106	Trust: 0.8
url:	http://www.securiteam.com/windowsntfocus/5tp0l1p9fk.html	Trust: 0.8
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=104869513822233&w=2	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=ntbugtraq&m=104868285106289&w=2	Trust: 0.6
url:	http://www.corsaire.com/advisories/030224-002.txt	Trust: 0.3
url:	http://enterprisesecurity.symantec.com/products/products.cfm?productid=47	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=104869513822233&w=2	Trust: 0.1
url:	http://marc.info/?l=ntbugtraq&m=104868285106289&w=2	Trust: 0.1

sources: VULHUB: VHN-6936 // BID: 7196 // JVNDB: JVNDB-2003-000097 // CNNVD: CNNVD-200304-026 // NVD: CVE-2003-0106

CREDITS

Martin O'Neal※ bugtraq@corsaire.com

Trust: 0.6

sources: CNNVD: CNNVD-200304-026

SOURCES

db:	VULHUB	id:	VHN-6936
db:	BID	id:	7196
db:	JVNDB	id:	JVNDB-2003-000097
db:	CNNVD	id:	CNNVD-200304-026
db:	NVD	id:	CVE-2003-0106

LAST UPDATE DATE

2024-08-14T15:36:09.134000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-6936	date:	2016-10-18T00:00:00
db:	BID	id:	7196	date:	2009-07-11T21:06:00
db:	JVNDB	id:	JVNDB-2003-000097	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200304-026	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2003-0106	date:	2016-10-18T02:29:34.990

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-6936	date:	2003-04-02T00:00:00
db:	BID	id:	7196	date:	2003-03-26T00:00:00
db:	JVNDB	id:	JVNDB-2003-000097	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200304-026	date:	2003-03-26T00:00:00
db:	NVD	id:	CVE-2003-0106	date:	2003-04-02T05:00:00