CVE-2002-0309

Name of the Vulnerable Software and Affected Versions Symantec Enterprise Firewall (SEF) version 6.5.x

Description The issue allows remote attackers to determine certain firewall configuration information. This is due to the SMTP proxy in Symantec Enterprise Firewall including the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall.

Recommendations For Symantec Enterprise Firewall (SEF) version 6.5.x, consider restricting access to the SMTP proxy until a fix is available. As a temporary workaround, limiting the information disclosed by the SMTP proxy may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.