CVE-2004-1472
First published: Fri Dec 31 2004(Updated: )
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Firewall VPN Appliance 200 | ||
| Symantec Nexland Wavebase Firewall Appliance | ||
| Symantec Gateway Security | =360 | |
| Symantec Nexland Pro400 Firewall Appliance | ||
| Symantec Gateway Security | =320 | |
| Symantec Gateway Security | =360r | |
| Symantec Nexland Pro800Turbo Firewall Appliance | ||
| Symantec Nexland Pro800 Firewall Appliance | ||
| Symantec Nexland Pro100 Firewall Appliance | ||
| Symantec Firewall VPN Appliance 200R | ||
| Symantec Nexland ISB SOHO Firewall Appliance | ||
| Symantec Firewall VPN Appliance 100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html
- http://www.kb.cert.org/vuls/id/441078
- http://www.securityfocus.com/bid/11237
- http://www.osvdb.org/10204
- http://secunia.com/advisories/12635
- http://marc.info/?l=bugtraq&m=109588376426070&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17469
Frequently Asked Questions
What is the severity of CVE-2004-1472?
CVE-2004-1472 has been classified as a moderate severity vulnerability due to its ability to cause a denial of service.
How do I fix CVE-2004-1472?
To mitigate CVE-2004-1472, update your Symantec Enterprise Firewall/VPN Appliances to firmware version 1.63 or later.
Which devices are affected by CVE-2004-1472?
CVE-2004-1472 affects Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R, as well as several models of Symantec Gateway Security and Nexland Firewall Appliances.
What type of attack does CVE-2004-1472 enable?
CVE-2004-1472 enables remote attackers to execute a denial of service attack that can cause the affected devices to freeze.
Should I be concerned about CVE-2004-1472?
Yes, if you are using affected Symantec devices with outdated firmware, you should take steps to address the vulnerability promptly.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/symantec
- canonical/symantec firewall vpn appliance 100
- canonical/symantec firewall vpn appliance 200
- canonical/symantec firewall vpn appliance 200r
- canonical/symantec gateway security
- version/symantec gateway security/320
- version/symantec gateway security/360
- version/symantec gateway security/360r
- canonical/symantec nexland isb soho firewall appliance
- canonical/symantec nexland pro100 firewall appliance
- canonical/symantec nexland pro400 firewall appliance
- canonical/symantec nexland pro800 firewall appliance
- canonical/nexland pro800turbo
- canonical/symantec nexland wavebase firewall appliance