Details of VAR-200505-0030

ID

VAR-200505-0030

CVE

CVE-2005-0618

TITLE

Symantec Gateway Security SMTP Data breach vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200505-369

DESCRIPTION

The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network. Symantec Gateway Security is reported prone to a vulnerability that may result in the leakage of potentially sensitive SMTP data. It is reported that this issue manifests when an affected appliance is configured to load-balance two WAN network connections and SMTP binding is configured for a single WAN interface. This may result in SMTP data leakage in deployments where one WAN interface is trusted and the other is not. SMTP traffic bound to the trusted WAN interface is load-balanced onto the untrusted WAN. ---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l ---------------------------------------------------------------------- TITLE: Symantec Firewall Devices SMTP Binding Configuration Bypass SECUNIA ADVISORY ID: SA14428 VERIFY ADVISORY: http://secunia.com/advisories/14428/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: >From remote OPERATING SYSTEM: Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Nexland Firewall Appliances 1.x http://secunia.com/product/4466/ DESCRIPTION: Arthur Hagen has reported a security issue in various Symantec firewall devices, which may disclose sensitive information to malicious people. The problem is caused due to an error in the SMTP binding functionality of certain devices with ISP load-balancing capabilities. The security issue has been reported in the following versions: * Symantec Firewall/VPN Appliance 200/200R (firmware builds prior to build 1.68 and later than 1.5Z) * Symantec Gateway Security 360/360R (firmware builds prior to build 858) * Symantec Gateway Security 460/460R (firmware builds prior to build 858) * Nexland Pro800turbo (firmware builds prior to build 1.6X and later than 1.5Z) SOLUTION: The vendor has issued updated firmware releases. http://www.symantec.com/techsupp Symantec Firewall/VPN Appliance models 200 and 200R: Update to build 1.68. Symantec Gateway Security Appliance 300 and 400 series: Update to build 858. Nexland Pro800turbo: Update to build 1.6X. PROVIDED AND/OR DISCOVERED BY: Arthur Hagen ORIGINAL ADVISORY: http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-0618 // BID: 12654 // VULHUB: VHN-11827 // PACKETSTORM: 36389

AFFECTED PRODUCTS

vendor:	symantec	model:	gateway security 360	scope:	lte	version:	857	Trust: 1.0
vendor:	symantec	model:	gateway security 460	scope:	lte	version:	857	Trust: 1.0
vendor:	nexland	model:	pro800turbo	scope:	eq	version:	*	Trust: 1.0
vendor:	symantec	model:	firewall vpn appliance 200r	scope:	eq	version:	*	Trust: 1.0
vendor:	nexland	model:	pro800turbo	scope:	-	version:	-	Trust: 0.6
vendor:	symantec	model:	nexland pro800turbo firewall appliance	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security 460r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	460	Trust: 0.3
vendor:	symantec	model:	gateway security 360r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	360	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance 200r	scope:	-	version:	-	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance	scope:	eq	version:	200	Trust: 0.3
vendor:	symantec	model:	velociraptor	scope:	ne	version:	1.5	Trust: 0.3
vendor:	symantec	model:	nexland wavebase firewall appliance	scope:	ne	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro800 firewall appliance	scope:	ne	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro400 firewall appliance	scope:	ne	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland pro100 firewall appliance	scope:	ne	version:	-	Trust: 0.3
vendor:	symantec	model:	nexland isb soho firewall appliance	scope:	ne	version:	-	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	ne	version:	54002.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	ne	version:	53001.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	ne	version:	4200	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	ne	version:	320	Trust: 0.3
vendor:	symantec	model:	firewall/vpn appliance	scope:	ne	version:	100	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	ne	version:	8.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	ne	version:	8.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	ne	version:	7.0.4	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	ne	version:	7.0.4	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	ne	version:	7.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	ne	version:	7.0	Trust: 0.3

sources: BID: 12654 // CNNVD: CNNVD-200505-369 // NVD: CVE-2005-0618

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0618
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200505-369
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-11827
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0618
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-11827
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-11827 // CNNVD: CNNVD-200505-369 // NVD: CVE-2005-0618

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0618

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-369

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200505-369

EXTERNAL IDS

db:	NVD	id:	CVE-2005-0618	Trust: 2.0
db:	SECUNIA	id:	14428	Trust: 1.8
db:	CNNVD	id:	CNNVD-200505-369	Trust: 0.7
db:	BID	id:	12654	Trust: 0.4
db:	VULHUB	id:	VHN-11827	Trust: 0.1
db:	PACKETSTORM	id:	36389	Trust: 0.1

sources: VULHUB: VHN-11827 // BID: 12654 // PACKETSTORM: 36389 // CNNVD: CNNVD-200505-369 // NVD: CVE-2005-0618

REFERENCES

url:	http://securityresponse.symantec.com/avcenter/security/content/2005.02.28.html	Trust: 2.1
url:	http://secunia.com/advisories/14428	Trust: 1.7
url:	http://secunia.com/product/3104/	Trust: 0.1
url:	http://secunia.com/product/4466/	Trust: 0.1
url:	http://www.symantec.com/techsupp	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/552/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/14428/	Trust: 0.1
url:	https://ca.secunia.com/?f=l	Trust: 0.1

sources: VULHUB: VHN-11827 // BID: 12654 // PACKETSTORM: 36389 // CNNVD: CNNVD-200505-369 // NVD: CVE-2005-0618

CREDITS

Discovery of this vulnerability is credited to Arthur Hagen of Broomstick Net Services.

Trust: 0.9

sources: BID: 12654 // CNNVD: CNNVD-200505-369

SOURCES

db:	VULHUB	id:	VHN-11827
db:	BID	id:	12654
db:	PACKETSTORM	id:	36389
db:	CNNVD	id:	CNNVD-200505-369
db:	NVD	id:	CVE-2005-0618

LAST UPDATE DATE

2024-08-14T14:00:41.908000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-11827	date:	2008-09-05T00:00:00
db:	BID	id:	12654	date:	2009-07-12T10:56:00
db:	CNNVD	id:	CNNVD-200505-369	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-0618	date:	2008-09-05T20:46:49.427

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-11827	date:	2005-05-02T00:00:00
db:	BID	id:	12654	date:	2005-02-28T00:00:00
db:	PACKETSTORM	id:	36389	date:	2005-03-01T21:36:29
db:	CNNVD	id:	CNNVD-200505-369	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2005-0618	date:	2005-05-02T04:00:00