PT-2004-1523 · Symantec+1 · Gateway Security 5300+4
Published
2004-12-31
·
Updated
2017-07-11
·
CVE-2004-0369
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Symantec Enterprise Firewall versions 7.0 through 8.0
Gateway Security 5300 version 1.0
Gateway Security 5400 version 2.0
VelociRaptor version 1.5
Description
The issue is a buffer overflow in the Entrust LibKmp ISAKMP library. This allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
Recommendations
For Symantec Enterprise Firewall versions 7.0 through 8.0, update to a version that includes a fix for the buffer overflow issue in the Entrust LibKmp ISAKMP library.
For Gateway Security 5300 version 1.0, update to a version that includes a fix for the buffer overflow issue in the Entrust LibKmp ISAKMP library.
For Gateway Security 5400 version 2.0, update to a version that includes a fix for the buffer overflow issue in the Entrust LibKmp ISAKMP library.
For VelociRaptor version 1.5, update to a version that includes a fix for the buffer overflow issue in the Entrust LibKmp ISAKMP library.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Entrust Libkmp Isakmp Library
Gateway Security 5300
Gateway Security 5400
Symantec Enterprise Firewall
Velociraptor