Symantec Firewalls And Gateways Are Vulnerable To Attack

Symantec noted on its Web site that the vulnerabilities "are remotely exploitable and can allow an attacker to perform a denial of service attack against the firewall appliance, identify active services in the WAN interface, and exploit one of these services to collect and alter the firewall's configuration." The Symantec Firewall/VPN Appliances, models 100, 200 and 200R are vulnerable to all three attacks, while the Symantec Gateway Security models 320, 360 and 360R are not vulnerable to the Denial of Service attack, but are vulnerable to the other two.

Secunia, a Denmark-based security firm, issued an advisory saying that the denial-of-service attack is made possible due to a problem with the firewall's connection handling, in which the firewall stops responding via a UDP port scan of all of the ports on the firewall's WAN interface.

Ottawa-based Rigel Kent Security and Advisory Services first reported the vulnerabilities to Symantec. Symantec said that it is unaware of any attempts to exploit the vulnerabilities.

This story courtesy of NetworkingPipeline