PT-2002-3006 · Symantec+1 · Symantec Enterprise Firewall+4
Published: 2002-12-31 · Updated: 2017-07-29 · CVE-2002-2294
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions:
Symantec Raptor Firewall versions 6.5 through 6.5.3
Symantec Enterprise Firewall versions 6.5.2 through 7.0
Symantec VelociRaptor versions 500/700/1000 through 1100/1200/1300
Symantec Gateway Security versions 5110/5200/5300
Description:
The issue is caused by multiple buffer overflows that allow remote attackers to cause a denial of service, resulting in service termination. This can be achieved via two methods: (1) sending malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) sending crafted packets to the statistics service (statsd).
Recommendations:
For Symantec Raptor Firewall versions 6.5 through 6.5.3, update to a version that includes a fix for the buffer overflow issue.
For Symantec Enterprise Firewall versions 6.5.2 through 7.0, update to a version that includes a fix for the buffer overflow issue.
For Symantec VelociRaptor versions 500/700/1000 through 1100/1200/1300, update to a version that includes a fix for the buffer overflow issue.
For Symantec Gateway Security versions 5110/5200/5300, update to a version that includes a fix for the buffer overflow issue.
As a temporary workaround, consider disabling the RealAudio Proxy and restricting access to the statistics service (statsd) until a patch is available.
Fix
DoS
Buffer Overflow
Affected Products
Realaudio
Symantec Enterprise Firewall
Symantec Gateway Security
Symantec Raptor Firewall
Symantec Velociraptor