Vulnerabilities > Symantec > Enterprise Firewall > 6.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-06-09 | CVE-2002-1463 | Unspecified vulnerability in Symantec products Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | 7.5 |
| 2003-03-31 | CVE-2002-1535 | Information Disclosure vulnerability in Symantec Enterprise Firewall and Raptor Firewall Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present. | 5.0 |
| 2002-12-31 | CVE-2002-2294 | Buffer Errors vulnerability in Symantec Enterprise Firewall, Raptor Firewall and Velociraptor Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). | 5.0 |
| 2002-10-28 | CVE-2002-0990 | Denial of Service vulnerability in Multiple Symantec HTTP Proxy The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. | 5.0 |
| 2002-07-03 | CVE-2002-0538 | Unspecified vulnerability in Symantec products FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | 7.5 |
| 2002-05-31 | CVE-2002-0309 | Unspecified vulnerability in Symantec Enterprise Firewall 6.5.2 SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information. | 5.0 |
| 2002-05-31 | CVE-2002-0302 | Unspecified vulnerability in Symantec Enterprise Firewall 6.5.2/7.0 The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack. | 5.0 |