Symantec Enterprise Firewall/VPN Appliance Multiple Remote Vulnerabilities

Symantec Enterprise Firewall/VPN Appliance is affected by multiple remote vulnerabilities. These issues are due to a failure of the application to handle exceptional conditions, a default configuration issue exists as well.

An attacker can leverage a denial of service issue to cause the affected appliance to stop responding, requiring a power off to bring the device back to functionality. A filter bypass issue allows an attacker to bypass the filters on the 'tftpd', 'snmpd', and 'isakmp' services. An attacker can also read and write the community string of the affected device by default, facilitating disclosure and altering of the device's settings.

Symantec Nexland legacy firewall appliances are also affected by these issues.


Privacy Statement
Copyright 2010, SecurityFocus