Sign-up

ID

VAR-200505-0530


CVE

CVE-2005-0817


TITLE

Symantec Gateway Security Unknown remote DNS Cache poisoning vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200505-240

DESCRIPTION

Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites. The underlying issue causing this vulnerability is currently unknown. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site impersonation, or denial of service attacks. The vulnerability is caused due to an unspecified error in the DNS proxy (DNSd) when functioning as a DNS caching server or primary DNS server and can be exploited to poison the DNS cache. SOLUTION: The vendor has issued hotfixes. http://www.symantec.com/techsupp ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html http://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454 OTHER REFERENCES: SA11888: http://secunia.com/advisories/11888/ Internet Storm Center: http://www.isc.sans.org/diary.php?date=2005-03-04 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-0817 // BID: 12818 // VULHUB: VHN-12026 // PACKETSTORM: 36656

AFFECTED PRODUCTS

vendor:symantecmodel:velociraptorscope:eqversion:model_1300

Trust: 1.6

vendor:symantecmodel:gateway security 5300scope:eqversion:1.0

Trust: 1.6

vendor:symantecmodel:gateway security 5400scope:eqversion:2.0

Trust: 1.6

vendor:symantecmodel:enterprise firewallscope:eqversion:8.0

Trust: 1.6

vendor:symantecmodel:enterprise firewallscope:eqversion:7.0

Trust: 1.6

vendor:symantecmodel:velociraptorscope:eqversion:13001.5

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1300

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:12001.5

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1200

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:11001.5

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1100

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:54002.0.1

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:54002.0

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:53001.0

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:5300

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:8.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:7.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:7.0

Trust: 0.3

sources: BID: 12818 // CNNVD: CNNVD-200505-240 // NVD: CVE-2005-0817

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-0817
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200505-240
value: MEDIUM

Trust: 0.6

VULHUB: VHN-12026
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-0817
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-12026
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-12026 // CNNVD: CNNVD-200505-240 // NVD: CVE-2005-0817

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0817

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-240

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200505-240

EXTERNAL IDS

db:NVDid:CVE-2005-0817

Trust: 2.0

db:SECUNIAid:14595

Trust: 1.8

db:SECTRACKid:1013451

Trust: 1.7

db:CNNVDid:CNNVD-200505-240

Trust: 0.7

db:BUGTRAQid:20040615 SYMANTEC ENTERPRISE FIREWALL DNSD CACHE POISONING VULNERABILITY

Trust: 0.6

db:XFid:44530

Trust: 0.6

db:XFid:16423

Trust: 0.6

db:BIDid:12818

Trust: 0.4

db:VULHUBid:VHN-12026

Trust: 0.1

db:PACKETSTORMid:36656

Trust: 0.1

sources: VULHUB: VHN-12026 // BID: 12818 // PACKETSTORM: 36656 // CNNVD: CNNVD-200505-240 // NVD: CVE-2005-0817

REFERENCES

url:http://securityresponse.symantec.com/avcenter/security/content/2005.03.15.html

Trust: 2.1

url:http://www.isc.sans.org/diary.php?date=2005-03-04

Trust: 1.8

url:http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html

Trust: 1.7

url:http://securitytracker.com/id?1013451

Trust: 1.7

url:http://secunia.com/advisories/14595

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16423

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/44530

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/44530

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/16423

Trust: 0.6

url:http://enterprisesecurity.symantec.com/products/products.cfm?productid=47

Trust: 0.3

url:http://enterprisesecurity.symantec.com/products/products.cfm?productid=133&eid=0

Trust: 0.3

url:http://secunia.com/product/3104/

Trust: 0.1

url:http://www.symantec.com/techsupp

Trust: 0.1

url:http://secunia.com/advisories/11888/

Trust: 0.1

url:http://secunia.com/product/174/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/14595/

Trust: 0.1

url:http://secunia.com/product/3587/

Trust: 0.1

url:http://service1.symantec.com/support/ent-gate.nsf/docid/2005030417285454

Trust: 0.1

url:http://secunia.com/product/514/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:https://ca.secunia.com/?f=l

Trust: 0.1

url:http://secunia.com/product/876/

Trust: 0.1

sources: VULHUB: VHN-12026 // BID: 12818 // PACKETSTORM: 36656 // CNNVD: CNNVD-200505-240 // NVD: CVE-2005-0817

CREDITS

The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor reported this issue.

Trust: 0.9

sources: BID: 12818 // CNNVD: CNNVD-200505-240

SOURCES

db:VULHUBid:VHN-12026
db:BIDid:12818
db:PACKETSTORMid:36656
db:CNNVDid:CNNVD-200505-240
db:NVDid:CVE-2005-0817

LAST UPDATE DATE

2024-08-14T13:40:22.502000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-12026date:2017-07-11T00:00:00
db:BIDid:12818date:2009-07-12T10:56:00
db:CNNVDid:CNNVD-200505-240date:2005-10-20T00:00:00
db:NVDid:CVE-2005-0817date:2017-07-11T01:32:25.517

SOURCES RELEASE DATE

db:VULHUBid:VHN-12026date:2005-05-02T00:00:00
db:BIDid:12818date:2005-03-16T00:00:00
db:PACKETSTORMid:36656date:2005-03-22T05:21:38
db:CNNVDid:CNNVD-200505-240date:2005-05-02T00:00:00
db:NVDid:CVE-2005-0817date:2005-05-02T04:00:00