News Stay informed about the latest enterprise technology news and product updates.

Vulnerabilities affect multiple Symantec products

A vulnerability in multiple Symantec products could be exploited for a denial-of-service attack.

An attacker could exploit a security hole in several Symantec Corp. products to cause a denial of service. The Cupertino, Calif.-based company recommends users protect themselves by applying the latest available patches.

The vulnerability is caused by an unspecified error within the "isakmpd" service. Copenhagen, Denmark-based IT security firm Secunia said in its advisory that the vulnerability is "moderately critical" and can be exploited remotely.

Symantec said in a statement the vulnerability only affects enterprise gateway products that incorporate the Entrust module and negotiate dynamic vpn tunnels. "To date, Symantec has not had any reports of any related exploit of the vulnerability," the company said. Users can download the patches from Symantec's security site.

The following products are affected:

  • VelociRaptor 1.5
  • Gateway Security 1.0
  • Gateway Security 2.0
  • Enterprise Firewall/VPN 7.0 for Solaris
  • Enterprise Firewall/VPN 7.0 for Windows NT/2000
  • Enterprise Firewall/VPN 7.0.4 for Solaris
  • Enterprise Firewall/VPN 7.0.4 for Windows NT/2000

Dig Deeper on Email and Messaging Threats-Information Security Threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.