CVE-2005-0618

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2005-0618 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0618
The original article can be found at: http://www.securityfocus.com/bid/12654

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2005-0618

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Symantec Nexland Pro800turbo Firewall Appliance
* Symantec Gateway Security 460R
* Symantec Gateway Security 460
* Symantec Gateway Security 360R
* Symantec Gateway Security 360
* Symantec Firewall/VPN Appliance 200R
* Symantec Firewall/VPN Appliance 200

Symantec Gateway Security is reported prone to a vulnerability that may result in the leakage of potentially sensitive SMTP data.
It is reported that this issue manifests when an affected appliance is configured to load-balance two WAN network connections and SMTP binding is configured for a single WAN interface.
This may result in SMTP data leakage in deployments where one WAN interface is trusted and the other is not. SMTP traffic bound to the trusted WAN interface is load-balanced onto the untrusted WAN.

Vendor Status:
Symantec as issued an update for this vulnerablity

Patch Availability:
http://securityresponse.symantec.com/avcenter/security/Content/2005.02.28.html

CVE Information:
CVE-2005-0618

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus