|
|
|
|
| |
| There exists a problem in "Simple, secure webserver 1.1" that is shipped with Raptor Firewall 6.5 (among others), which lets an attacker map out the entire topology of a client from the outside. |
| |
Credit:
The information has been provided by AI-SEC Security Advisories.
|
| |
Versions affected:
* Raptor Firewall 6.5 (Windows NT)
* Raptor Firewall V6.5.3 (Solaris)
* Symantec Enterprise Firewall 6.5.2 (Windows 2000 and NT)
There exists a problem in Simple, secure webserver 1.1 that is shipped with Raptor Firewall 6.5 (among others), in which an attacker can connect to the proxy server from the outside, and issue a CONNECT to IP-addresses on the inside interface, and thereby determine if there are hosts present or not by inspecting the error message. This problem lets an attacker map out the entire topology of a client from the outside.
Symantec has addressed this issue as a collateral problem in an earlier security update for the Symantec Enterprise Firewall. The Symantec Enterprise Firewall is not vulnerable to this concern if patched fully up-to-date.
Solutions:
Apply official patch from Symantec
Patch:
Download the appropriate patch from: http://www.symantec.com/techsupp
Vendor status:
Symantec was contacted 27. August 2002. Symantec promptly tested and confirmed AI-SEC Security's findings. However, Symantec claims that this issue was fixed in a patch released late summer 2002.
|
|
|
|
|
|
|
|
|
|
