CVE-2004-1472 - OpenCVE

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Symantec	Firewall Vpn Appliance 200r Nexland Pro800turbo Firewall Appliance Firewall Vpn Appliance 100 Firewall Vpn Appliance 200 Nexland Pro400 Firewall Appliance Nexland Pro100 Firewall Appliance Nexland Wavebase Firewall Appliance Gateway Security Nexland Pro800 Firewall Appliance Nexland Isb Soho Firewall Appliance

Configuration 1 [-]

OR	cpe:2.3:h:symantec:firewall_vpn_appliance_100::::::::
	cpe:2.3:h:symantec:firewall_vpn_appliance_200::::::::
	cpe:2.3:h:symantec:firewall_vpn_appliance_200r::::::::
	cpe:2.3:h:symantec:gateway_security:320:::::::*
	cpe:2.3:h:symantec:gateway_security:360:::::::*
	cpe:2.3:h:symantec:gateway_security:360r:::::::*
	cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance::::::::
	cpe:2.3:h:symantec:nexland_pro100_firewall_appliance::::::::
	cpe:2.3:h:symantec:nexland_pro400_firewall_appliance::::::::
	cpe:2.3:h:symantec:nexland_pro800_firewall_appliance::::::::
	cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance::::::::
	cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance::::::::

References

Link	Resource
http://marc.info/?l=bugtraq&m=109588376426070&w=2
http://secunia.com/advisories/12635
http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html	Vendor Advisory
http://www.kb.cert.org/vuls/id/441078	Third Party Advisory US Government Resource
http://www.osvdb.org/10204
http://www.securityfocus.com/bid/11237
https://exchange.xforce.ibmcloud.com/vulnerabilities/17469

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-02-13T05:00:00

Updated: 2017-07-10T14:57:01

Reserved: 2005-02-13T00:00:00

Link: CVE-2004-1472

JSON object: View

NVD Information

Status : Modified

Published: 2004-12-31T05:00:00.000

Modified: 2017-07-11T01:31:03.810

Link: CVE-2004-1472

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-09-22T00:00:00", "descriptions": [{"lang": "en", "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "12635", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/12635"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"}, {"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=109588376426070&w=2"}, {"name": "symantec-firewallvpn-udp-dos(17469)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"}, {"name": "VU#441078", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/441078"}, {"name": "11237", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11237"}, {"name": "10204", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/10204"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1472", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "12635", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12635"}, {"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html", "refsource": "CONFIRM", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"}, {"name": "20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109588376426070&w=2"}, {"name": "symantec-firewallvpn-udp-dos(17469)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"}, {"name": "VU#441078", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/441078"}, {"name": "11237", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11237"}, {"name": "10204", "refsource": "OSVDB", "url": "http://www.osvdb.org/10204"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1472", "datePublished": "2005-02-13T05:00:00", "dateReserved": "2005-02-13T00:00:00", "dateUpdated": "2017-07-10T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5851263-81A6-40AE-8486-E919D5279CC7", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E0D3199-365E-4D26-8D23-6492832EF096", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*", "matchCriteriaId": "5081F382-CC20-4C7B-A3F8-08FAF31012D9", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:320:*:*:*:*:*:*:*", "matchCriteriaId": "EFFC0BF4-56EE-414C-8D45-3D2ACCBDC03A", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:360:*:*:*:*:*:*:*", "matchCriteriaId": "6B786C20-6C40-4DBE-AC24-D8B8E98FD6F5", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:360r:*:*:*:*:*:*:*", "matchCriteriaId": "38F65C12-9866-423F-8E59-FE905FE79043", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EACDC99-3B80-47D8-8BC4-A21CA0BC234B", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "99238614-0234-4550-84FB-8B1C7B8CE1E6", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "380A5A63-588D-4427-A513-147841B3FB57", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF31AD20-099E-4323-AE18-40C52878454A", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9707BBB-8095-451D-80C7-BAC923BCB786", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D072C1C-FC87-4986-9320-EFD9F58F192C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface."}], "id": "CVE-2004-1472", "lastModified": "2017-07-11T01:31:03.810", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=109588376426070&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/12635"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/441078"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/10204"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/11237"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17469"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}