Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0309

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0309
Last Modified 10 Sep 2008 08:00:55
Published 31 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0309

Summary

SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.

Vulnerable Systems

Application

  • Symantec Enterprise Firewall 6.5.2


References

BUGTRAQ - 20020221 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html

BUGTRAQ - 20020220 Symantec Enterprise Firewall (SEF) SMTP proxy inconsistencies

BID - 4141

XF - sef-smtp-proxy-information(8251)


Last Updated: 27 May 2016 10:36:52