Details of VAR-200406-0052

ID

VAR-200406-0052

CVE

CVE-2004-1754

TITLE

Symantec Enterprise Firewall DNSD DNS Cache " poison " Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200406-050

DESCRIPTION

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. It is reported that dnsd is prone to a cache poisoning vulnerability. Dnsd does not ensure that the data returned from a remote DNS server contains related information about the requested records. An attacker could exploit this vulnerability to deny service to legitimate users by redirecting traffic to inappropriate hosts. Man-in-the-middle attacks, impersonation of sites, and other attacks may be possible. Symantec Enterprise Firewall is an enterprise-class firewall that includes DNSD proxy. Symantec Enterprise Firewall has issues with its implementation of DNSD, which could be exploited by remote attackers for man-in-the-middle, fake site, or various other attacks. An attacker can control the DNS server and return a malicious response, resulting in the insertion of a fake DNS entry in the target system, thereby attacking Attackers can carry out attacks such as man-in-the-middle attacks/denial of service/social engineering

Trust: 1.26

sources: NVD: CVE-2004-1754 // BID: 10557 // VULHUB: VHN-10184

AFFECTED PRODUCTS

vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	8.0	Trust: 1.9
vendor:	symantec	model:	gateway security	scope:	eq	version:	5200_1.0	Trust: 1.6
vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	7.0.4	Trust: 1.6
vendor:	symantec	model:	gateway security	scope:	eq	version:	5400_2.0	Trust: 1.6
vendor:	symantec	model:	gateway security	scope:	eq	version:	5400_2.0.1	Trust: 1.6
vendor:	symantec	model:	gateway security	scope:	eq	version:	5310_1.0	Trust: 1.6
vendor:	symantec	model:	gateway security	scope:	eq	version:	5300_1.0	Trust: 1.6
vendor:	symantec	model:	gateway security	scope:	eq	version:	5110_1.0	Trust: 1.0
vendor:	symantec	model:	gateway security	scope:	eq	version:	54002.0.1	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	54002.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	53101.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	53001.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	52001.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	51101.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	8.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	7.0.4	Trust: 0.3

sources: BID: 10557 // CNNVD: CNNVD-200406-050 // NVD: CVE-2004-1754

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1754
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200406-050
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-10184
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-1754
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-10184
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-10184 // CNNVD: CNNVD-200406-050 // NVD: CVE-2004-1754

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1754

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200406-050

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200406-050

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-10184

EXTERNAL IDS

db:	BID	id:	10557	Trust: 2.0
db:	SECUNIA	id:	11888	Trust: 1.7
db:	NVD	id:	CVE-2004-1754	Trust: 1.7
db:	CNNVD	id:	CNNVD-200406-050	Trust: 0.7
db:	BUGTRAQ	id:	20040615 SYMANTEC ENTERPRISE FIREWALL DNSD CACHE POISONING VULNERABILITY	Trust: 0.6
db:	SEEBUG	id:	SSVID-77951	Trust: 0.1
db:	EXPLOIT-DB	id:	24218	Trust: 0.1
db:	VULHUB	id:	VHN-10184	Trust: 0.1

sources: VULHUB: VHN-10184 // BID: 10557 // CNNVD: CNNVD-200406-050 // NVD: CVE-2004-1754

REFERENCES

url:	http://securityresponse.symantec.com/avcenter/security/content/2004.06.21.html	Trust: 2.0
url:	http://www.securityfocus.com/bid/10557	Trust: 1.7
url:	http://lists.virus.org/bugtraq-0406/msg00234.html	Trust: 1.7
url:	http://secunia.com/advisories/11888	Trust: 1.7
url:	http://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454	Trust: 0.3
url:	http://enterprisesecurity.symantec.com/products/products.cfm?productid=47	Trust: 0.3
url:	/archive/1/366424	Trust: 0.3
url:	/archive/1/366113	Trust: 0.3

sources: VULHUB: VHN-10184 // BID: 10557 // CNNVD: CNNVD-200406-050 // NVD: CVE-2004-1754

CREDITS

fryxar※ fryxar@datafull.com

Trust: 0.6

sources: CNNVD: CNNVD-200406-050

SOURCES

db:	VULHUB	id:	VHN-10184
db:	BID	id:	10557
db:	CNNVD	id:	CNNVD-200406-050
db:	NVD	id:	CVE-2004-1754

LAST UPDATE DATE

2024-08-14T13:40:22.532000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-10184	date:	2008-09-05T00:00:00
db:	BID	id:	10557	date:	2004-06-15T00:00:00
db:	CNNVD	id:	CNNVD-200406-050	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1754	date:	2008-09-05T20:42:15.583

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-10184	date:	2004-06-15T00:00:00
db:	BID	id:	10557	date:	2004-06-15T00:00:00
db:	CNNVD	id:	CNNVD-200406-050	date:	2004-06-15T00:00:00
db:	NVD	id:	CVE-2004-1754	date:	2004-06-15T04:00:00