Vulnerabilities > CVE-2004-1473 - Unspecified vulnerability in Symantec products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN symantec
nessus
Summary
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
Vulnerable Configurations
Nessus
| NASL family | Firewalls |
| NASL id | KERIO_PF_UDPBYPASS.NASL |
| description | It is possible to bypass the rules of the remote firewall by sending UDP packets with a source port equal to 53. An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a firewall. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11580 |
| published | 2003-05-06 |
| reporter | This script is Copyright (C) 2003-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/11580 |
| title | Firewall UDP Packet Source Port 53 Ruleset Bypass |
References
- http://marc.info/?l=bugtraq&m=109588376426070&w=2
- http://marc.info/?l=bugtraq&m=109588376426070&w=2
- http://secunia.com/advisories/12635
- http://secunia.com/advisories/12635
- http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html
- http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html
- http://www.kb.cert.org/vuls/id/329230
- http://www.kb.cert.org/vuls/id/329230
- http://www.osvdb.org/10205
- http://www.osvdb.org/10205
- http://www.securityfocus.com/bid/11237
- http://www.securityfocus.com/bid/11237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17470