PT-2002-1588 · Symantec · Symantec Raptor Firewall+1

Published

2002-07-03

Updated

2011-03-08

CVE-2002-0538

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Symantec Raptor Firewall version 6.5.3 Symantec Raptor Firewall Enterprise version 7.0

Description The FTP proxy in the affected software rewrites an FTP server's "FTP PORT" responses, allowing remote attackers to redirect FTP data connections to arbitrary ports. This issue is related to the "FTP bounce" vulnerability.

Recommendations For Symantec Raptor Firewall version 6.5.3, consider disabling the FTP proxy feature until a patch is available. For Symantec Raptor Firewall Enterprise version 7.0, restrict access to the FTP server to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0538

Affected Products

Symantec Raptor Firewall

Symantec Raptor Firewall Enterprise

PT-2002-1588 · Symantec · Symantec Raptor Firewall+1

CVE-2002-0538

Related Identifiers

Affected Products

References · 7