Vulnerabilities > Symantec > Firewall VPN Appliance 200

DATE CVE VULNERABILITY TITLE RISK
2005-11-23 CVE-2005-3768 Denial-Of-Service vulnerability in Gateway Security 400
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
network
low complexity
symantec
7.5
2004-12-31 CVE-2004-1474 Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
network
low complexity
symantec
5.0
2004-12-31 CVE-2004-1473 Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
network
low complexity
symantec
5.0
2004-12-31 CVE-2004-1472 Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
network
low complexity
symantec
5.0
2004-03-15 CVE-2004-0190 Unspecified vulnerability in Symantec products
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
network
low complexity
symantec
7.5
2002-12-31 CVE-2002-1937 Remote Security vulnerability in Symantec products
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
network
low complexity
symantec
5.0