Updated: Symantec fixes DNS cache poisoning flaw

A vulnerability in Symantec Enterprise Firewall, Gateway Security and the VelociRaptor operating system could be exploited to poison the DNS cache.

Symantec has issued a fix for a DNS cache poisoning vulnerability in its Enterprise Firewall and Gateway Security software and VelociRaptor operating system.

IT security firm Secunia, which first reported the flaw Friday, issued an updated advisory this morning that notes the hotfix Symantec has made available. Symantec issued its own advisory last night directing users to its support site for the appropriate hotfix.

Secunia, based in Copenhagen, Denmark, called the vulnerability "moderately critical."

"If a DNS cache is poisoned, one can no longer trust any Web site or host based on its domain name," Thomas Kristensen, Secunia's chief technology officer, said in an e-mailed statement. He added the problem "is an issue for system administrators, not normal private users."

When acting as a caching DNS server, the integrated DNS proxy reportedly trusts any answer received from a DNS server without checking that it actually corresponds to a query or is valid, Kristensen wrote. This can be exploited to insert fake information in the DNS cache, which can be used to direct users to malicious Web sites or just prevent them from accessing certain Web sites.

Symantec, of Cupertino, Calif., said in its advisory that the flaw affects the following products:

  • Symantec Gateway Security 5400 Series, v2.0
  • Symantec Gateway Security 5300 Series, v1.0
  • Symantec Enterprise Firewall, v7.0.x (Windows and Solaris)
  • Symantec Enterprise Firewall v8.0 (Windows and Solaris)
  • Symantec VelociRaptor, Model 1100/1200/1300
  • Symantec VelociRaptor, Model 500/700/1000
  • Symantec said in the advisory that it's unaware of any active attempts to exploit the vulnerability.

Dig deeper on Application Attacks (Buffer Overflows, Cross-Site Scripting)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close