Symantec Gateway Security SMTP Data Leak Vulnerability
BID:12654
Info
Symantec Gateway Security SMTP Data Leak Vulnerability
| Bugtraq ID: | 12654 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2005-0618 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 28 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Discovery of this vulnerability is credited to Arthur Hagen of Broomstick Net Services. |
| Vulnerable: |
Symantec Nexland Pro800turbo Firewall Appliance Symantec Gateway Security 460R Symantec Gateway Security 460 Symantec Gateway Security 360R Symantec Gateway Security 360 Symantec Firewall/VPN Appliance 200R Symantec Firewall/VPN Appliance 200 |
| Not Vulnerable: |
Symantec VelociRaptor 1.5 Symantec Nexland WaveBase Firewall Appliance Symantec Nexland Pro800 Firewall Appliance Symantec Nexland Pro400 Firewall Appliance Symantec Nexland Pro100 Firewall Appliance Symantec Nexland ISB SOHO Firewall Appliance Symantec Gateway Security 5400 2.0 Symantec Gateway Security 5300 1.0 Symantec Gateway Security 420 0 Symantec Gateway Security 320 Symantec Firewall/VPN Appliance 100 Symantec Enterprise Firewall 8.0 Solaris Symantec Enterprise Firewall 8.0 NT/2000 Symantec Enterprise Firewall 7.0.4 Solaris Symantec Enterprise Firewall 7.0.4 NT/2000 Symantec Enterprise Firewall 7.0 Solaris Symantec Enterprise Firewall 7.0 NT/2000 |
Discussion
Symantec Gateway Security SMTP Data Leak Vulnerability
Symantec Gateway Security is reported prone to a vulnerability that may result in the leakage of potentially sensitive SMTP data.
It is reported that this issue manifests when an affected appliance is configured to load-balance two WAN network connections and SMTP binding is configured for a single WAN interface.
This may result in SMTP data leakage in deployments where one WAN interface is trusted and the other is not. SMTP traffic bound to the trusted WAN interface is load-balanced onto the untrusted WAN.
Symantec Gateway Security is reported prone to a vulnerability that may result in the leakage of potentially sensitive SMTP data.
It is reported that this issue manifests when an affected appliance is configured to load-balance two WAN network connections and SMTP binding is configured for a single WAN interface.
This may result in SMTP data leakage in deployments where one WAN interface is trusted and the other is not. SMTP traffic bound to the trusted WAN interface is load-balanced onto the untrusted WAN.
Exploit / POC
Symantec Gateway Security SMTP Data Leak Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Symantec Gateway Security SMTP Data Leak Vulnerability
Solution:
Symantec recommends that customers using SMTP binding in load-balanced configurations apply the appropriate firmware update for their affected product models/versions to protect against this issue.
This issue is addressed in the following releases:
Build 1.68: Symantec Firewall/VPN Appliance models 200 and 200R
Build 858: Symantec Gateway Security Appliance models 360 and 360R
Build 1.6X: Nexland Pro800turbo
Solution:
Symantec recommends that customers using SMTP binding in load-balanced configurations apply the appropriate firmware update for their affected product models/versions to protect against this issue.
This issue is addressed in the following releases:
Build 1.68: Symantec Firewall/VPN Appliance models 200 and 200R
Build 858: Symantec Gateway Security Appliance models 360 and 360R
Build 1.6X: Nexland Pro800turbo