http://www.eweek.com/article2/0,1759,1650425,00.asp By Matthew Broersma September 23, 2004 Symantec Corp. has warned of a string of security holes in its Firewall/VPN Appliance and Gateway Security products, less than a month after its last firewall security problems. Three new bugs could allow a remote attacker to shut down a firewall appliance, identify active services in the WAN (wide area network) interface and alter the firewall's configuration, Symantec said in a Wednesday advisory. [1] All three flaws, which Rigel Kent Security & Advisory Services discovered, affect Symantec Firewall/VPN Appliance 100, 200 and 200R models; Gateway Security 320, 360 and 360R are vulnerable to all but one, a denial-of-service bug. An attacker could cause the firewall products to stop responding by exploiting an error within the connection handling via a port scan of all WAN interface ports, according to security researcher Secunia, which ranked the flaws as "highly critical." The second bug is found in the firewall's default rule set, which allows an attacker to listen for and identify UDP services, if a particular port is used. The second flaw can be exploited together with a third bug involving the SNMP (Simple Network Management Protocol) service to disclose and manipulate the firewall's configuration, effectively bypassing firewall security, researchers said. As companies have grown ever more security-conscious and reliant on complex protection systems, researchers have subjected products such as VPNs and firewalls to increasing scrutiny. Last month, Symantec warned of a flaw in its VPN and firewall server products that could allow an attacker to take over affected systems and gain access to corporate networks. That vulnerability lay in LibKmp, which Entrust provides to third parties for use in VPN products, meaning any LibKmp-based VPN was potentially affected. In July, Internet Security Systems warned of a vulnerability in a wide range of Check Point Software Technologies' VPN products, including versions of VPN-1, FireWall-1, Provider-1 and SSL Network Extender. Check Point's enterprise security products are among the most widely used on the Internet. Similar Check Point VPN holes also appeared in February and May. In April, Cisco Systems disclosed a number of bugs in its products, including its VPN hardware and software. A serious bug in the Kerberos authentication system, revealed earlier this month, also could have allowed access to protected corporate networks. [1] http://www.sarc.com/avcenter/security/Content/2004.09.22.html _________________________________________ Donate online for the Ron Santo Walk to Cure Diabetes - http://www.c4i.org/ethan.html
This archive was generated by hypermail 2.1.3 : Fri Sep 24 2004 - 02:56:07 PDT