Symantec firewalls, gateways vulnerable

By Jim Rendon, News Writer 23 Sep 2004 | SearchNetworking.com

Digg This!     StumbleUpon     Del.icio.us

Security firm Symantec Corp. today announced a series of vulnerabilities in its firewalls and gateways that make them susceptible to denial-of-service attacks. Firmware fixes are available.

The Symantec Firewall/VPN Appliance 100, 200 and 200R and the Symantec Gateway Security 320, 360 and 360R are all affected.

According to information released by the Cupertino, Calif.-based company, the firewalls are vulnerable to three kinds of attacks: someone can perform a denial-of-service attack, identify services on the WAN interface and alter the firewall's configuration.

The firewalls are vulnerable to all three exploits. The gateways are only vulnerable to the later two.

For more information Learn why a cooldown is expected in the firewall market.   See Symantec's security bulletin.

According to a bulletin published by Secunia, a Copenhagen, Denmark-based IT security firm, the denial-of-service attack can be achieved through an error in the firewall's connection handling, which causes the firewall to stop responding. User Datagram Protocol services, an alternative to TCP, can be identified through an access control error that accepts incoming traffic from Port 53.

As a result, a hacker can scan for UDP services and communicate with them. And the appliances can be manipulated because the Simple Network Management Protocol read/write community strings can't be changed, allowing an attacker to gain access and then manipulate the firewall's configuration.

Symantec has released firmware builds to address the vulnerabilities.

Ottawa-based Rigel Kent Security & Advisory Services reported the vulnerabilities to Symantec. Symantec said that it is unaware of any attempts to exploit these vulnerabilities.

Tags: Network Firewalls, Routers and Switches,  UTM Appliances and Strategies,  Client security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Firewalls, Routers and Switches How to prepare for a secure network hardware upgrade Best Network Firewall Products What is the difference between static and dynamic network validation? Screencast: Smoothwall offers firewall defense in lean times New Cisco IOS bugs pose tempting targets, says Black Hat researcher How to implement virtual firewalls in a complex network infrastructure How to manage network bandwidth with distributed ISP bandwidth Firewall rule management best practices Should enterprises be running multiple firewalls? What are the disadvantages of proxy-based firewalls? UTM Appliances and Strategies Best Unified Threat Management Products Unified threat management products gaining midmarket, enterprise foothold Virtual appliances boost flexibility, improve security Enterprise UTM security: The best threat management solution? Microsoft Threat Management Gateway has some drawbacks The case against UTM: Is there a better alternative? Rising Profile Check Point to acquire Nokia security appliance business McAfee adds NAC module, appliance for unified policy enforcement IBM announcements mark two years of ISS marriage Client security InZero Systems launches hardware-based security gateway DLP technology challenges security costs Endpoint protection best practices manual: Combating issues, problems Kaspersky update for SMBs in wake of free Microsoft Security Essentials Microsoft makes free antivirus software widely available Security best practices in hotels Best Antimalware Products Perimeter defense in the era of the perimeterless network Microsoft Security Essentials (MSE) shows no vision, expert says Smart tactics for antivirus and antispyware

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bastion host  (SearchSecurity.com) firewall  (SearchSecurity.com) Firewall Builder  (SearchSecurity.com) screened subnet  (SearchSecurity.com) virus  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary