|
|
|
|
| |
Credit:
The original article can be found at: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0369
The original article can be found at: http://www.securityfocus.com/bid/11039
|
| |
Vulnerable Systems:
* Symantec VelociRaptor 1.5
* Symantec Gateway Security 5440
* Symantec Gateway Security 5300
* Symantec Gateway Security 5200 1.0
* Symantec Gateway Security 5110 1.0
* Symantec Gateway Security 360R
* Symantec Enterprise Firewall 7.0.4 Solaris
* Symantec Enterprise Firewall 7.0.4 NT/2000
* Symantec Enterprise Firewall 7.0 Solaris
* Symantec Enterprise Firewall 7.0 NT/2000
The Entrust LibKMP ISAKMP library is reported to be affected by a remote buffer overflow vulnerability. Malicious ISAKMP packets may trigger a buffer overrun in the affected library resulting in the corruption of process memory. It is reported that a remote attacker may exploit this condition to deny service to the Entrust library or to execute arbitrary code in the context of an implementation that uses the library.
Although unconfirmed, it is conjectured that this vulnerability may be related to the vulnerability described in BID 10273, as Checkpoint VPN-1 may use the affected library.
Vendor Status:
Symantec as issued an update for this vulnerablity
Patch Availability:
http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html
CVE Information:
CVE-2004-0369
|
|
|
|
|
