Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Firewall)  >   Symantec Enterprise Firewall (Raptor) Vendors:   Symantec
Symantec Enterprise Firewall DNSd Proxy Bug Lets Remote Users Poison the DNS Cache
SecurityTracker Alert ID:  1013452
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 16 2005
Impact:   Modification of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.0.x, 8.0 ; (Windows and Solaris)
Description:   A vulnerability was reported in Symantec Enterprise Firewall in the DNSd proxy. A remote user may be able to poison the DNS cache.

A remote user with control of a DNS server (or the ability to spoof DNS) can send specially crafted packets to poison the DNS on the target system. As a result, host name lookups performed using the Symantec product will return arbitrary addresses specified by the remote user.

Systems configured as a DNS caching server or as a primary DNS server may be affected.

Impact:   A remote user may be able to poison the DNS cache and cause host name lookups performed via the target system to return an arbitrary (and incorrect) address.
Solution:   The vendor issued hotfixes on March 4, 2005 and on March 14, 2005 to address this vulnerability.
Vendor URL: (Links to External Site)
Cause:   Not specified
Underlying OS:  UNIX (Solaris - SunOS), Windows (NT), Windows (2000)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC