Vulnerabilities affect multiple Symantec products

Bill Brenner

An attacker could exploit a security hole in several Symantec Corp. products to cause a denial of service. The Cupertino, Calif.-based company recommends users protect themselves by applying the latest available patches.

The vulnerability is caused by an unspecified error within the "isakmpd" service. Copenhagen, Denmark-based IT security firm Secunia said in its

    Requires Free Membership to View

advisory that the vulnerability is "moderately critical" and can be exploited remotely.

Symantec said in a statement the vulnerability only affects enterprise gateway products that incorporate the Entrust module and negotiate dynamic vpn tunnels. "To date, Symantec has not had any reports of any related exploit of the vulnerability," the company said. Users can download the patches from Symantec's security site.

The following products are affected:

  • VelociRaptor 1.5
  • Gateway Security 1.0
  • Gateway Security 2.0
  • Enterprise Firewall/VPN 7.0 for Solaris
  • Enterprise Firewall/VPN 7.0 for Windows NT/2000
  • Enterprise Firewall/VPN 7.0.4 for Solaris
  • Enterprise Firewall/VPN 7.0.4 for Windows NT/2000

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: