CVE-2006-4562
First published: Wed Sep 06 2006(Updated: )
** DISPUTED ** The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Gateway Security | =5310_1.0 | |
| Symantec Gateway Security | =5400_2.0.1 | |
| Symantec Gateway Security | =5110 | |
| Symantec Gateway Security | =5200_1.0 | |
| Symantec Gateway Security | =360 | |
| Symantec Gateway Security | =5300 | |
| Symantec Gateway Security | =320 | |
| Symantec Gateway Security | =360r | |
| Symantec Gateway Security | =1.0 | |
| Symantec Gateway Security | =5400_2.0 | |
| Symantec Gateway Security | =5000_series_2.0.1 | |
| Symantec Gateway Security | =5000_series_3.0 | |
| Symantec Gateway Security | =5200 | |
| Symantec Gateway Security | =5300_1.0 | |
| Symantec Gateway Security | =5110_1.0 | |
| =1.0 | ||
| =320 | ||
| =360 | ||
| =360r | ||
| =5000_series_2.0.1 | ||
| =5000_series_3.0 | ||
| =5110 | ||
| =5110_1.0 | ||
| =5200 | ||
| =5200_1.0 | ||
| =5300 | ||
| =5300_1.0 | ||
| =5310_1.0 | ||
| =5400_2.0 | ||
| =5400_2.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2006-4562?
CVE-2006-4562 is considered a moderate severity vulnerability due to its potential for misuse in hiding attacker origins.
How do I fix CVE-2006-4562?
Fixing CVE-2006-4562 involves configuring the Symantec Gateway Security to disable proxy DNS queries.
What are the affected versions in CVE-2006-4562?
The affected versions include Symantec Gateway Security 320, 360, 5110, 5200, 5300, 5310, and 5400 series.
Can CVE-2006-4562 affect my network security?
Yes, CVE-2006-4562 can compromise network security by allowing remote attackers to perform arbitrary DNS queries.
Is CVE-2006-4562 still a risk in modern environments?
While the exploit relies on older versions of Symantec Gateway Security, organizations still running these versions should assess their risk.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/weakness
- agent/severity
- agent/status
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/tags
- agent/first-publish-date
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/source
- vendor/symantec
- canonical/symantec gateway security
- version/symantec gateway security/5310_1.0
- version/symantec gateway security/5400_2.0.1
- version/symantec gateway security/5110
- version/symantec gateway security/5200_1.0
- version/symantec gateway security/360
- version/symantec gateway security/5300
- version/symantec gateway security/320
- version/symantec gateway security/360r
- version/symantec gateway security/1.0
- version/symantec gateway security/5400_2.0
- version/symantec gateway security/5000_series_2.0.1
- version/symantec gateway security/5000_series_3.0
- version/symantec gateway security/5200
- version/symantec gateway security/5300_1.0
- version/symantec gateway security/5110_1.0
- status/disputed