Symantec firewalls, gateways vulnerable

By Jim Rendon, News Writer 23 Sep 2004 | SearchNetworking.com

Digg This!     StumbleUpon     Del.icio.us

Security firm Symantec Corp. today announced a series of vulnerabilities in its firewalls and gateways that make them susceptible to denial-of-service attacks. Firmware fixes are available.

The Symantec Firewall/VPN Appliance 100, 200 and 200R and the Symantec Gateway Security 320, 360 and 360R are all affected.

According to information released by the Cupertino, Calif.-based company, the firewalls are vulnerable to three kinds of attacks: someone can perform a denial-of-service attack, identify services on the WAN interface and alter the firewall's configuration.

The firewalls are vulnerable to all three exploits. The gateways are only vulnerable to the later two.

For more information Learn why a cooldown is expected in the firewall market.   See Symantec's security bulletin.

According to a bulletin published by Secunia, a Copenhagen, Denmark-based IT security firm, the denial-of-service attack can be achieved through an error in the firewall's connection handling, which causes the firewall to stop responding. User Datagram Protocol services, an alternative to TCP, can be identified through an access control error that accepts incoming traffic from Port 53.

As a result, a hacker can scan for UDP services and communicate with them. And the appliances can be manipulated because the Simple Network Management Protocol read/write community strings can't be changed, allowing an attacker to gain access and then manipulate the firewall's configuration.

Symantec has released firmware builds to address the vulnerabilities.

Ottawa-based Rigel Kent Security & Advisory Services reported the vulnerabilities to Symantec. Symantec said that it is unaware of any attempts to exploit these vulnerabilities.

Tags: Network Security Best Practices and Products,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security Best Practices and Products 3Com acquisition confirms HP-Cisco battle for China Enterprises demand next-generation firewalls with IPS, app visibility Preventing hacker attacks with network behavior analysis IPS Is there a way to trace my stolen laptop computer? Integrating NAC with network security tools Should organizations separate technical from administrative security? What network equipment is needed to secure a small business LAN? Ethical hacking and countermeasures: Network penetration testing intro Are you on a domain name system (DNS) blacklist database? Rogue access points: Preventing, detecting and handling best practices

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anti-replay protocol  (SearchNetworking.com) dynamic packet filter  (SearchNetworking.com) HELLO packet  (SearchNetworking.com) packet filtering  (SearchNetworking.com) rule base  (SearchNetworking.com) stateful inspection  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary