CVE-2006-2341: Infoleak
First published: Fri May 12 2006(Updated: )
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Enterprise Firewall | =8.0 | |
| Symantec Gateway Security | =2.0.1 | |
| Symantec Gateway Security | =3.0 | |
| Symantec Gateway Security | =5000_series_2.0.1 | |
| Symantec Gateway Security | =5000_series_3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html
- http://www.securityfocus.com/bid/17936
- http://securitytracker.com/id?1016057
- http://securitytracker.com/id?1016058
- http://secunia.com/advisories/20082
- http://www.vupen.com/english/advisories/2006/1764
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26370
- http://www.securityfocus.com/archive/1/433876/30/5040/threaded
Frequently Asked Questions
What is the severity of CVE-2006-2341?
CVE-2006-2341 is classified as a medium severity vulnerability because it allows remote attackers to expose internal IP addresses.
How do I fix CVE-2006-2341?
To fix CVE-2006-2341, you should update the affected Symantec software to the latest available version that resolves this issue.
Who is affected by CVE-2006-2341?
Users of Symantec Gateway Security versions 2.0.1 and 3.0, as well as Symantec Enterprise Firewall version 8.0, are affected by CVE-2006-2341.
What can attackers do with CVE-2006-2341?
Attackers can exploit CVE-2006-2341 to send malformed HTTP requests that reveal internal IP addresses of the network.
Is there a workaround for CVE-2006-2341?
While the best resolution is to apply updates, you can minimize risk by implementing additional firewall rules to restrict access until the software is updated.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- vendor/symantec
- canonical/symantec enterprise firewall
- version/symantec enterprise firewall/8.0
- canonical/symantec gateway security
- version/symantec gateway security/2.0.1
- version/symantec gateway security/3.0
- version/symantec gateway security/5000_series_2.0.1
- version/symantec gateway security/5000_series_3.0