Vulnerabilities > Symantec
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-1778 | Unspecified vulnerability in Symantec Norton Personal Firewall 2002 Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | 7.5 |
2002-12-31 | CVE-2002-1695 | Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running. | 5.0 |
2002-10-28 | CVE-2002-0990 | Denial of Service vulnerability in Multiple Symantec HTTP Proxy The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. | 5.0 |
2002-08-12 | CVE-2002-0485 | Improper Handling of Case Sensitivity vulnerability in Symantec Norton Antivirus Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients. | 7.5 |
2002-07-26 | CVE-2002-0663 | Buffer Overflow vulnerability in Symantec Norton Personal Firewall/Internet Security 2001 Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. | 7.5 |
2002-07-03 | CVE-2002-0538 | Unspecified vulnerability in Symantec products FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | 7.5 |
2002-06-25 | CVE-2002-0345 | Unspecified vulnerability in Symantec Norton Ghost 7.0 Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges. | 7.5 |
2002-06-25 | CVE-2002-0344 | Unspecified vulnerability in Symantec Liveupdate 1.0/1.4/1.5 Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | 5.0 |
2002-05-31 | CVE-2002-0309 | Unspecified vulnerability in Symantec Enterprise Firewall 6.5.2 SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information. | 5.0 |
2002-05-31 | CVE-2002-0302 | Unspecified vulnerability in Symantec Enterprise Firewall 6.5.2/7.0 The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack. | 5.0 |