Symantec issues patches for Firewall/VPN and Gateway Security

By Shawna McAlearney, News Editor 01 Mar 2005 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Symantec Corp. yesterday issued what it ranked as medium level patches for a number of its products that could allow the remote exposure of sensitive information.

Danish security vulnerability aggregator Secunia said, "The problem is caused due to an error in the SMTP

How to fix the flaw Symantec Firewall/VPN Appliance models 200 and 200R -- Upgrade to build 1.68 Symantec Gateway Security Appliance models 360 and 360R -- Upgrade to build 858 Nexland Pro800turbo --Upgrade to build 1.6X

binding functionality of certain devices with ISP load-balancing capabilities. This results in outbound e-mail traffic being load-balanced regardless of the configured WAN binding selection, which may cause sensitive SMTP traffic only destined for a trusted network to be passed over an untrusted connection."

Cupertino, Calif.-based Symantec labeled the flaw "SMTP binding configuration bypassed" and said the risk impact is "highly configuration dependent."

The security vendor said the flaw affects:

• Symantec Firewall/VPN Appliance 200/200R firmware builds prior to 1.68 and later than 1.5Z;
• Symantec Gateway Security 360/360R firmware builds prior to 858;
• Symantec Gateway Security 460/460R firmware builds prior to build 858;
• and Nexland Pro800turbo firmware builds prior to build 1.6X and later than 1.5Z.

"Symantec was notified of this potential vulnerability in a Symantec Gateway Security 360 appliance configured to load-balance two ISPs with SMTP binding set for a single WAN," said the Symantec advisory. "The SMTP binding configuration was not being implemented as selected causing SMTP traffic to be load-balanced through both WAN1 and WAN2. This could result in

More on patching Best practices for patch management Drowning in a sea of patches? Register for a webcast where our guest shares best practices for patch management. Products of the Year: Patch management Information Security magazine unveils the best patch management products of 2004.

a potential vulnerability if a trusted network was selected for SMTP binding through one WAN and an untrusted network connected to the other WAN. SMTP traffic bound to the trusted network could potentially be passed over both the trusted and untrusted WANs [load-balanced]."

Symantec recommends that those using SMTP binding in load-balanced configurations apply the appropriate firmware for their affected product models/versions to correct the flaw.

Digg This!     StumbleUpon     Del.icio.us

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary