Symantec issues patches for Firewall/VPN and Gateway Security

The company warns that remote exposure of sensitive information can result from the flaws that affect its Firewall/VPN and Gateway Security and Nexland Pro800turbo products.

Symantec Corp. yesterday issued what it ranked as medium-level patches for a flaw in a number of its products that could allow the remote exposure of sensitive information.

Danish security vulnerability aggregator Secunia said, "The problem is caused due to an error in the SMTP binding functionality of certain devices with ISP load-balancing capabilities. This results in outbound e-mail traffic being load-balanced regardless of the configured WAN binding selection, which may cause sensitive SMTP traffic only destined for a trusted network to be passed over an untrusted connection."

How to fix the flaw

Symantec Firewall/VPN Appliance models 200 and 200R
-- Upgrade to build 1.68

Symantec Gateway Security Appliance models 360 and 360R
-- Upgrade to build 858

Nexland Pro800turbo
-- Upgrade to build 1.6X

Cupertino, Calif.-based Symantec labeled the flaw "SMTP binding configuration bypassed" and said the risk impact is "highly configuration dependent."

The security vendor said the flaw affects:

  • Symantec Firewall/VPN Appliance 200/200R firmware builds prior to 1.68 and later than 1.5Z;
  • Symantec Gateway Security 360/360R firmware builds prior to 858;
  • Symantec Gateway Security 460/460R firmware builds prior to build 858;
  • and Nexland Pro800turbo firmware builds prior to build 1.6X and later than 1.5Z.

"Symantec was notified of this potential vulnerability in a Symantec Gateway Security 360 appliance configured to load-balance two ISPs with SMTP binding set for a single WAN," said the Symantec advisory. "The SMTP binding configuration was not being implemented as selected causing SMTP traffic to be load-balanced through both WAN1 and WAN2. This could result in

More on patching

Best practices for patch management
Drowning in a sea of patches? Register for a webcast where our guest shares best practices for patch management.

Products of the Year: Patch management
Information Security magazine unveils the best patch management products of 2004.

a potential vulnerability if a trusted network was selected for SMTP binding through one WAN and an untrusted network connected to the other WAN. SMTP traffic bound to the trusted network could potentially be passed over both the trusted and untrusted WANs [load-balanced]."

Symantec recommends that those using SMTP binding in load-balanced configurations apply the appropriate firmware for their affected product models/versions to correct the flaw.
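
One way to confirm that SMTP binding is being honored, before and after the firmware upgrade, is to check which WAN interface outbound port-25 flows actually leave through. The Python below is an added example, not code from Symantec or the advisory; the flow-record layout, the function names and the addresses are constructed for illustration and are not the appliances' native log format.

```python
import csv
import io
from collections import Counter

SMTP_PORT = 25

# Constructed sample flow records (assumed layout, not a real appliance log):
# timestamp, source IP, destination IP, destination port, egress interface
SAMPLE_FLOWS = """\
2005-03-01T09:00:01,192.168.0.10,203.0.113.25,25,WAN1
2005-03-01T09:00:04,192.168.0.10,203.0.113.25,25,WAN2
2005-03-01T09:00:09,192.168.0.22,198.51.100.80,80,WAN2
2005-03-01T09:01:12,192.168.0.11,203.0.113.25,25,WAN1
2005-03-01T09:02:30,192.168.0.11,203.0.113.25,25,WAN2
malformed line without enough fields
2005-03-01T09:03:00,192.168.0.10,203.0.113.25,25,wan2
"""

def find_binding_violations(flow_text, bound_wan):
    """Return SMTP flows that left through any interface other than bound_wan."""
    violations = []
    for row in csv.reader(io.StringIO(flow_text)):
        if len(row) != 5:
            continue  # skip malformed records instead of aborting the audit
        ts, src, dst, dport, iface = (field.strip() for field in row)
        if not dport.isdigit() or int(dport) != SMTP_PORT:
            continue  # only SMTP is subject to the binding being checked
        if iface.upper() != bound_wan.upper():
            violations.append(
                {"time": ts, "src": src, "dst": dst, "egress": iface.upper()}
            )
    return violations

def summarize_by_source(violations):
    """Count violations per internal sender to show which mail hosts are exposed."""
    return Counter(v["src"] for v in violations)

if __name__ == "__main__":
    bad = find_binding_violations(SAMPLE_FLOWS, bound_wan="WAN1")
    for v in bad:
        print(f'{v["time"]} {v["src"]} -> {v["dst"]}:25 left via {v["egress"]}')
    print(dict(summarize_by_source(bad)))
```

Any result for the bound WAN other than an empty list means mail is still being load-balanced across both links.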
