A vulnerability in the Symantec Firewall/VPN appliance could allow an attacker to cause a denial-of-service condition.
The Symantec Firewall/VPN appliance supports a number of services that utilize the UDP protocol including tftpd, snmpd, and isakmp. There is a vulnerability in the Firewall/VPN appliance that allows a UDP port scan on the WAN interface against all ports (i.e. 1-65535) to cause the device to stop responding. In order to regain functionality, the device must be powered off and back on.
A remote, unauthenticated attacker could cause a denial-of-service condition.
This vulnerability was reported by Symantec. Symantec credits Mike Sues and the Rigel Kent Security & Advisory Services for discovering the vulnerability.
This document was written by Damon Morda.
|Date First Published:||2004-10-20|
|Date Last Updated:||2004-10-20 14:37 UTC|