CVE-2006-2341 - OpenCVE

The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Symantec	Gateway Security Enterprise Firewall

Configuration 1 [-]

OR	cpe:2.3:a:symantec:enterprise_firewall:8.0:::::::*
	cpe:2.3:a:symantec:gateway_security:2.0.1:::::::*
	cpe:2.3:a:symantec:gateway_security:3.0:::::::*

Configuration 2 [-]

OR	cpe:2.3:h:symantec:gateway_security:5000_series_2.0.1:::::::*
	cpe:2.3:h:symantec:gateway_security:5000_series_3.0:::::::*

References

Link	Resource
http://secunia.com/advisories/20082	Patch Vendor Advisory
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html	Patch Vendor Advisory
http://securitytracker.com/id?1016057	Patch
http://securitytracker.com/id?1016058	Patch
http://www.securityfocus.com/archive/1/433876/30/5040/threaded
http://www.securityfocus.com/bid/17936	Exploit
http://www.vupen.com/english/advisories/2006/1764	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26370

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-05-12T01:00:00

Updated: 2018-10-18T14:57:01

Reserved: 2006-05-11T00:00:00

Link: CVE-2006-2341

JSON object: View

NVD Information

Status : Modified

Published: 2006-05-12T01:02:00.000

Modified: 2018-10-18T16:39:25.867

Link: CVE-2006-2341

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-05-10T00:00:00", "descriptions": [{"lang": "en", "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"}, {"name": "symantec-firewall-proxy-ip-disclosure(26370)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"}, {"name": "17936", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17936"}, {"name": "ADV-2006-1764", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1764"}, {"name": "1016057", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016057"}, {"name": "1016058", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016058"}, {"name": "20082", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20082"}, {"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2341", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html", "refsource": "CONFIRM", "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"}, {"name": "symantec-firewall-proxy-ip-disclosure(26370)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"}, {"name": "17936", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17936"}, {"name": "ADV-2006-1764", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1764"}, {"name": "1016057", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016057"}, {"name": "1016058", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016058"}, {"name": "20082", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20082"}, {"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2341", "datePublished": "2006-05-12T01:00:00", "dateReserved": "2006-05-11T00:00:00", "dateUpdated": "2018-10-18T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "031C9545-1CF1-46EF-B79C-7AD69E1B1C82", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:gateway_security:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBA50974-633C-40EF-B11D-4897E4CD44D9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:symantec:gateway_security:5000_series_2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "00163129-F72A-4C56-A4E4-D254ED71FB63", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5000_series_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "97BE5E88-1DA6-48A7-9811-97EE6582A627", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."}], "id": "CVE-2006-2341", "lastModified": "2018-10-18T16:39:25.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-05-12T01:02:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20082"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1016057"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1016058"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/17936"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1764"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}