Vulnerabilities affect multiple Symantec products

A vulnerability in multiple Symantec products could be exploited for a denial-of-service attack.

An attacker could exploit a security hole in several Symantec Corp. products to cause a denial of service. The Cupertino, Calif.-based company recommends users protect themselves by applying the latest available patches.

The vulnerability is caused by an unspecified error within the "isakmpd" service. Copenhagen, Denmark-based IT security firm Secunia said in its advisory that the vulnerability is "moderately critical" and can be exploited remotely.

Symantec said in a statement the vulnerability only affects enterprise gateway products that incorporate the Entrust module and negotiate dynamic vpn tunnels. "To date, Symantec has not had any reports of any related exploit of the vulnerability," the company said. Users can download the patches from Symantec's security site.

The following products are affected:

  • VelociRaptor 1.5
  • Gateway Security 1.0
  • Gateway Security 2.0
  • Enterprise Firewall/VPN 7.0 for Solaris
  • Enterprise Firewall/VPN 7.0 for Windows NT/2000
  • Enterprise Firewall/VPN 7.0.4 for Solaris
  • Enterprise Firewall/VPN 7.0.4 for Windows NT/2000

Dig deeper on Email Security Guidelines, Encryption and Appliances

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close