Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Symantec Holes Open Up Firewalls to Attacks

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Symantec Holes Open Up Firewalls to Attacks
Date: Fri, 24 Sep 2004 02:34:13 -0500 (CDT) 
http://www.eweek.com/article2/0,1759,1650425,00.asp

By Matthew Broersma 
September 23, 2004    

Symantec Corp. has warned of a string of security holes in its
Firewall/VPN Appliance and Gateway Security products, less than a
month after its last firewall security problems.

Three new bugs could allow a remote attacker to shut down a firewall
appliance, identify active services in the WAN (wide area network)  
interface and alter the firewall's configuration, Symantec said in a
Wednesday advisory. [1]

All three flaws, which Rigel Kent Security & Advisory Services
discovered, affect Symantec Firewall/VPN Appliance 100, 200 and 200R
models; Gateway Security 320, 360 and 360R are vulnerable to all but
one, a denial-of-service bug.

An attacker could cause the firewall products to stop responding by
exploiting an error within the connection handling via a port scan of
all WAN interface ports, according to security researcher Secunia,
which ranked the flaws as "highly critical." The second bug is found
in the firewall's default rule set, which allows an attacker to listen
for and identify UDP services, if a particular port is used.

The second flaw can be exploited together with a third bug involving
the SNMP (Simple Network Management Protocol) service to disclose and
manipulate the firewall's configuration, effectively bypassing
firewall security, researchers said.

As companies have grown ever more security-conscious and reliant on
complex protection systems, researchers have subjected products such
as VPNs and firewalls to increasing scrutiny.

Last month, Symantec warned of a flaw in its VPN and firewall server
products that could allow an attacker to take over affected systems
and gain access to corporate networks. That vulnerability lay in
LibKmp, which Entrust provides to third parties for use in VPN
products, meaning any LibKmp-based VPN was potentially affected.

In July, Internet Security Systems warned of a vulnerability in a wide
range of Check Point Software Technologies' VPN products, including
versions of VPN-1, FireWall-1, Provider-1 and SSL Network Extender.  
Check Point's enterprise security products are among the most widely
used on the Internet. Similar Check Point VPN holes also appeared in
February and May. In April, Cisco Systems disclosed a number of bugs
in its products, including its VPN hardware and software.

A serious bug in the Kerberos authentication system, revealed earlier
this month, also could have allowed access to protected corporate
networks.

[1] http://www.sarc.com/avcenter/security/Content/2004.09.22.html 



_________________________________________
Donate online for the Ron Santo Walk to Cure Diabetes - 
http://www.c4i.org/ethan.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Symantec Holes Open Up Firewalls to Attacks, InfoSec News <=
Previous by Date:  [ISN] SSH Bouncing - How to get through firewalls easily, Part 2., InfoSec News
Next by Date:  [ISN] Microsoft: To secure IE, upgrade to XP, InfoSec News
Previous by Thread:  [ISN] SSH Bouncing - How to get through firewalls easily, Part 2., InfoSec News
Next by Thread:  [ISN] Microsoft: To secure IE, upgrade to XP, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]