PT-2003-1200 · Symantec · Symantec Raptor Firewall+3
Published
2003-06-09
·
Updated
2017-10-10
·
CVE-2002-1463
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Symantec Raptor Firewall versions 6.5 and 6.5.3
Symantec Enterprise Firewall versions 6.5.2 and 7.0
Symantec VelociRaptor Models 500/700/1000 and 1100/1200/1300
Symantec Gateway Security 5110/5200/5300
Description
The issue allows remote attackers to spoof connections due to easily predictable initial sequence numbers (ISN) generated by the affected products.
Recommendations
For Symantec Raptor Firewall versions 6.5 and 6.5.3, consider restricting access to minimize the risk of exploitation until a fix is available.
For Symantec Enterprise Firewall versions 6.5.2 and 7.0, restrict incoming connections to trusted sources as a temporary workaround.
For Symantec VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Symantec Gateway Security 5110/5200/5300, avoid using these devices for critical connections that require high security until the issue is resolved.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Symantec Enterprise Firewall
Symantec Gateway Security
Symantec Raptor Firewall
Symantec Velociraptor