Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
BID:17936
CVE-2006-2341 |Info
Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
| Bugtraq ID: | 17936 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 10 2006 12:00AM |
| Updated: | May 15 2006 05:59PM |
| Credit: | Bernhard Mueller discovered this issue. |
| Vulnerable: |
Symantec Gateway Security 5000 Series 3.0 Symantec Gateway Security 5000 Series 2.0.1 Symantec Enterprise Firewall 8.0 |
| Not Vulnerable: |
Symantec Gateway Security 5000 Series 3.0.1 Symantec Gateway Security 1600 Appliance 3.0 |
Discussion
Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
Symantec Enterprise Firewall and Gateway Security products are prone to an information-disclosure weakness.
The vendor has reported that the NAT/HTTP proxy component of the products may reveal the internal IP addresses of protected computers.
An attacker may use this information to carry out targeted attacks against a potentially vulnerable host.
Symantec Enterprise Firewall and Gateway Security products are prone to an information-disclosure weakness.
The vendor has reported that the NAT/HTTP proxy component of the products may reveal the internal IP addresses of protected computers.
An attacker may use this information to carry out targeted attacks against a potentially vulnerable host.
Exploit / POC
Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
This issue may be exploited with a web client.
The following proof-of-concept exploit is available:
This issue may be exploited with a web client.
The following proof-of-concept exploit is available:
Solution / Fix
Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
Solution:
Symantec has released an advisory and fixes to address this issue. Please see the referenced vendor advisory for further information.
Symantec Gateway Security 5000 Series 3.0
Symantec Enterprise Firewall 8.0
Solution:
Symantec has released an advisory and fixes to address this issue. Please see the referenced vendor advisory for further information.
Symantec Gateway Security 5000 Series 3.0
-
Symantec SGS3.0-20060303-02.tgz
ftp://ftp.symantec.com/public/updates/SGS3.0-20060303-02.tgz -
Symantec SGS_5000_Series_v3.0_to_v3.0.1_Update_Utility.zip
ftp://ftp.symantec.com/public/updates/SGS_5000_Series_v3.0_to_v3.0.1_U pdate_Utility.zip
Symantec Enterprise Firewall 8.0
-
Symantec SEF80-bundleEw.tgz
ftp://ftp.symantec.com/public/updates/SEF80-bundleEw.tgz
References
Symantec Enterprise Firewall / Gateway Security HTTP Proxy Internal IP Leakage Weakness
References:
References:
- Enterprise Support Site (Symantec)
- SEC Consult Security Advisory 20060512-0 (SEC-Consult)
- SYM06-009 - Symantec Enterprise Firewall NAT/HTTP Proxy internal IP leakage (Symantec)
- Symantec Homepage (Symantec)
- SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private (SEC Consult)