Details of VAR-200412-0170

ID

VAR-200412-0170

CVE

CVE-2004-1473

TITLE

Symantec Firewall/VPN appliance vulnerable to DoS via UDP port scan

Trust: 0.8

sources: CERT/CC: VU#441078

DESCRIPTION

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. These issues are due to a failure of the application to handle exceptional conditions, a default configuration issue exists as well. An attacker can leverage a denial of service issue to cause the affected appliance to stop responding, requiring a power off to bring the device back to functionality. A filter bypass issue allows an attacker to bypass the filters on the 'tftpd', 'snmpd', and 'isakmp' services. An attacker can also read and write the community string of the affected device by default, facilitating disclosure and altering of the device's settings. Symantec Nexland legacy firewall appliances are also affected by these issues. Symantec Enterprise Firewall/VPN is an enterprise-level firewall/VPN system. Symantec Enterprise Firewall/VPN has a default public string, and remote attackers can use this value to obtain sensitive information or perform some configuration operations. Firewalls have default read/write public strings that allow attackers to collect and change firewall configurations. By combining other vulnerabilities, an attacker can send SNMP GET/SET requests to the WAN interface

Trust: 3.42

sources: NVD: CVE-2004-1473 // CERT/CC: VU#441078 // CERT/CC: VU#329230 // CERT/CC: VU#173910 // BID: 11237 // VULHUB: VHN-9903

AFFECTED PRODUCTS

vendor:	symantec	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	symantec	model:	gateway security 360	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	gateway security 320	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	firewall vpn appliance 200r	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	firewall vpn appliance 200	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland pro800 firewall appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland wavebase firewall appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	firewall vpn appliance 100	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland pro800turbo firewall appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland pro400 firewall appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	gateway security 360r	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland isb soho firewall appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland pro100 firewall appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	nexland wavebase firewall appliance	scope:	-	version:	-	Trust: 0.9
vendor:	symantec	model:	nexland pro800turbo firewall appliance	scope:	-	version:	-	Trust: 0.9
vendor:	symantec	model:	nexland pro100 firewall appliance	scope:	-	version:	-	Trust: 0.9
vendor:	symantec	model:	nexland isb soho firewall appliance	scope:	-	version:	-	Trust: 0.9
vendor:	symantec	model:	gateway security 360r	scope:	-	version:	-	Trust: 0.9
vendor:	symantec	model:	gateway security 360	scope:	-	version:	-	Trust: 0.6
vendor:	symantec	model:	firewall vpn appliance 200r	scope:	-	version:	-	Trust: 0.6
vendor:	symantec	model:	firewall vpn appliance 100	scope:	-	version:	-	Trust: 0.6
vendor:	symantec	model:	gateway security 320	scope:	-	version:	-	Trust: 0.6
vendor:	symantec	model:	firewall vpn appliance 200	scope:	-	version:	-	Trust: 0.6
vendor:	symantec	model:	nexland pro800 firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro400 firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	360	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	320	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance 200r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance	scope:	eq	version:	200	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance	scope:	eq	version:	100	Trust: 0.3

sources: CERT/CC: VU#441078 // CERT/CC: VU#329230 // CERT/CC: VU#173910 // BID: 11237 // CNNVD: CNNVD-200412-900 // NVD: CVE-2004-1473

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1473
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#441078
value:	5.78
Trust: 0.8
CARNEGIE MELLON:	VU#329230
value:	6.06
Trust: 0.8
CARNEGIE MELLON:	VU#173910
value:	15.59
Trust: 0.8
CNNVD:	CNNVD-200412-900
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9903
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-1473
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9903
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#441078 // CERT/CC: VU#329230 // CERT/CC: VU#173910 // VULHUB: VHN-9903 // CNNVD: CNNVD-200412-900 // NVD: CVE-2004-1473

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1473

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-900

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200412-900

EXTERNAL IDS

db:	BID	id:	11237	Trust: 4.4
db:	SECUNIA	id:	12635	Trust: 4.1
db:	CERT/CC	id:	VU#329230	Trust: 2.5
db:	SECTRACK	id:	1011389	Trust: 2.4
db:	NVD	id:	CVE-2004-1473	Trust: 1.7
db:	OSVDB	id:	10205	Trust: 1.7
db:	SECTRACK	id:	1011388	Trust: 1.6
db:	CERT/CC	id:	VU#441078	Trust: 0.8
db:	OSVDB	id:	10206	Trust: 0.8
db:	CERT/CC	id:	VU#173910	Trust: 0.8
db:	CNNVD	id:	CNNVD-200412-900	Trust: 0.7
db:	NSFOCUS	id:	6941	Trust: 0.6
db:	NSFOCUS	id:	6943	Trust: 0.6
db:	NSFOCUS	id:	6943※6942※6941	Trust: 0.6
db:	NSFOCUS	id:	6942	Trust: 0.6
db:	XF	id:	17470	Trust: 0.6
db:	BUGTRAQ	id:	20040922 MULTIPLE VULNERABILITIES IN SYMANTEC ENTERPRISE FIREWALL/GATEWAY SECURITY PRODUCTS	Trust: 0.6
db:	VULHUB	id:	VHN-9903	Trust: 0.1

sources: CERT/CC: VU#441078 // CERT/CC: VU#329230 // CERT/CC: VU#173910 // VULHUB: VHN-9903 // BID: 11237 // CNNVD: CNNVD-200412-900 // NVD: CVE-2004-1473

REFERENCES

url:	http://www.securityfocus.com/bid/11237	Trust: 4.1
url:	http://www.sarc.com/avcenter/security/content/2004.09.22.html	Trust: 2.4
url:	http://www.rigelksecurity.com/services/svcs_sec_advis.html	Trust: 2.4
url:	http://secunia.com/advisories/12635/	Trust: 2.4
url:	http://www.securitytracker.com/alerts/2004/sep/1011389.html	Trust: 2.4
url:	http://securityresponse.symantec.com/avcenter/security/content/2004.09.22.html	Trust: 2.0
url:	http://www.kb.cert.org/vuls/id/329230	Trust: 1.7
url:	http://www.osvdb.org/10205	Trust: 1.7
url:	http://secunia.com/advisories/12635	Trust: 1.7
url:	http://www.securitytracker.com/alerts/2004/sep/1011388.html	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/17470	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=109588376426070&w=2	Trust: 1.0
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=10206	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/17470	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=109588376426070&w=2	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/6943※6942※6941	Trust: 0.6
url:	http://www.symantec.com/techsupp	Trust: 0.3
url:	http://enterprisesecurity.symantec.com/products/products.cfm?productid=133&eid=0	Trust: 0.3
url:	http://www.symantec.com	Trust: 0.3
url:	/archive/1/376029	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=109588376426070&w=2	Trust: 0.1

sources: CERT/CC: VU#441078 // CERT/CC: VU#329230 // CERT/CC: VU#173910 // VULHUB: VHN-9903 // BID: 11237 // CNNVD: CNNVD-200412-900 // NVD: CVE-2004-1473

CREDITS

Mike Sues※ msues@rigelksecurity.com

Trust: 0.6

sources: CNNVD: CNNVD-200412-900

SOURCES

db:	CERT/CC	id:	VU#441078
db:	CERT/CC	id:	VU#329230
db:	CERT/CC	id:	VU#173910
db:	VULHUB	id:	VHN-9903
db:	BID	id:	11237
db:	CNNVD	id:	CNNVD-200412-900
db:	NVD	id:	CVE-2004-1473

LAST UPDATE DATE

2024-08-14T14:00:44.819000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#441078	date:	2004-10-20T00:00:00
db:	CERT/CC	id:	VU#329230	date:	2004-10-20T00:00:00
db:	CERT/CC	id:	VU#173910	date:	2004-10-20T00:00:00
db:	VULHUB	id:	VHN-9903	date:	2017-07-11T00:00:00
db:	BID	id:	11237	date:	2004-09-22T00:00:00
db:	CNNVD	id:	CNNVD-200412-900	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1473	date:	2017-07-11T01:31:03.857

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#441078	date:	2004-10-20T00:00:00
db:	CERT/CC	id:	VU#329230	date:	2004-10-20T00:00:00
db:	CERT/CC	id:	VU#173910	date:	2004-10-20T00:00:00
db:	VULHUB	id:	VHN-9903	date:	2004-12-31T00:00:00
db:	BID	id:	11237	date:	2004-09-22T00:00:00
db:	CNNVD	id:	CNNVD-200412-900	date:	2004-09-22T00:00:00
db:	NVD	id:	CVE-2004-1473	date:	2004-12-31T05:00:00