CVE-2004-1754

Description

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.

Affected products

• Symantec / enterprise_firewall7.0.4 – 7.0.4
• Symantec / enterprise_firewall7.0.4 – 7.0.4
• Symantec / enterprise_firewall8.0 – 8.0
• Symantec / enterprise_firewall8.0 – 8.0
• Symantec / enterprise_firewall8.0 – 8.0
• Symantec / gateway_security5110_1.0 – 5110_1.0
• Symantec / gateway_security5200_1.0 – 5200_1.0
• Symantec / gateway_security5300_1.0 – 5300_1.0
• Symantec / gateway_security5310_1.0 – 5310_1.0
• Symantec / gateway_security5400_2.0 – 5400_2.0
• Symantec / gateway_security5400_2.0.1 – 5400_2.0.1

References

• MAILING_LISThttp://lists.virus.org/bugtraq-0406/msg00234.html
• MISChttp://www.securityfocus.com/bid/10557
• VENDOR_ADVISORYhttp://secunia.com/advisories/11888
• MISChttp://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html