Vulnerability Note VU#441078
Symantec Firewall/VPN appliance vulnerable to DoS via UDP port scan
A vulnerability in the Symantec Firewall/VPN appliance could allow an attacker to cause a denial-of-service condition.
The Symantec Firewall/VPN appliance supports a number of services that utilize the UDP protocol including tftpd, snmpd, and isakmp. There is a vulnerability in the Firewall/VPN appliance that allows a UDP port scan on the WAN interface against all ports (i.e. 1-65535) to cause the device to stop responding. In order to regain functionality, the device must be powered off and back on.
A remote, unauthenticated attacker could cause a denial-of-service condition.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Symantec Corporation||Affected||-||20 Oct 2004|
CVSS Metrics (Learn More)
This vulnerability was reported by Symantec. Symantec credits Mike Sues and the Rigel Kent Security & Advisory Services for discovering the vulnerability.
This document was written by Damon Morda.
- CVE IDs: Unknown
- Date Public: 22 Sep 2004
- Date First Published: 20 Oct 2004
- Date Last Updated: 20 Oct 2004
- Severity Metric: 5.78
- Document Revision: 8
If you have feedback, comments, or additional information about this vulnerability, please send us email.