The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
References
Link | Resource |
---|---|
http://secunia.com/advisories/20082 | Patch Vendor Advisory |
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html | Patch Vendor Advisory |
http://securitytracker.com/id?1016057 | Patch |
http://securitytracker.com/id?1016058 | Patch |
http://www.securityfocus.com/archive/1/433876/30/5040/threaded | |
http://www.securityfocus.com/bid/17936 | Exploit |
http://www.vupen.com/english/advisories/2006/1764 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/26370 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-05-12T01:00:00
Updated: 2018-10-18T14:57:01
Reserved: 2006-05-11T00:00:00
Link: CVE-2006-2341
JSON object: View
NVD Information
Status : Modified
Published: 2006-05-12T01:02:00.000
Modified: 2018-10-18T16:39:25.867
Link: CVE-2006-2341
JSON object: View
Redhat Information
No data.
CWE