dcsimg
 

Symantec Patches 'High Risk' Flaws

By Ryan Naraine  |  Posted 2004-12-31 Email Print this article Print
 
 
 
 
 
 
 

WEBINAR:
On-Demand

Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce


Vulnerabilities in Nexland Firewall appliances put users at risk of security bypass, manipulation of data and denial-of-service attacks.

Network security vendor Symantec Corp. has rolled out fixes for three high-risk security holes in its Nexland Firewall appliances.

The flaws could put users at risk of security bypass, manipulation of data and denial-of-service attacks, according to an advisory from research outfit Secunia, which rates the vulnerabilities as "highly critical."

Symantec confirmed that the vulnerabilities had been identified in the Symantec Firewall/VPN Appliance 100, 200 and 200R models. The Symantec Gateway Security 320, 360 and 360R are vulnerable to only two of the issues, which have been resolved, the company explained in a note posted online.

"All of these vulnerabilities are remotely exploitable and can allow an attacker to perform a denial of service attack against the firewall appliance, identify active services in the WAN interface, and exploit one of these services to collect and alter the firewall's configuration," the company warned.

The security holes, discovered by Rigel Kent Security & Advisory Services, also affect the Nexland ISB SOHO, Pro100, Pro400, Pro800, Pro800turbo and the Nexland WaveBase Firewall Appliances.

Click here to read a column on the Symantec-Veritas deal by eWEEK.com's Wayne Rash.

The Symantec Gateway Security models 320, 360 and 360R are not vulnerable to the denial-of-service issue but have been validated as being vulnerable to the other two issues.

Symantec is urging customers to upgrade to the firmware builds labeled 1.63 for Symantec Firewall/VPN Appliance models100, 200 and 200R. Firmware build 622 has been posted for the Symantec Gateway Security Appliance models 320, 360 and 360R.

The company has also released firmware build 16U for the Nexland Firewall Appliances.

The Nexland firewall appliances, which Symantec acquired last year, are primarily used in branch offices and home offices.

Check out eWEEK.com's for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's Weblog.

 
 
 
 
 
 
 
 
 
























By submitting your information, you agree that channelinsider.com may send you channelinsider offers via email, phone and text message, as well as email offers about other products and services that channelinsider believes may be of interest to you. channelinsider will process your information in accordance with the Quinstreet Privacy Policy.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
























By submitting your information, you agree that channelinsider.com may send you channelinsider offers via email, phone and text message, as well as email offers about other products and services that channelinsider believes may be of interest to you. channelinsider will process your information in accordance with the Quinstreet Privacy Policy.

 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date