CVE-2006-4562

Description

The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface

Affected products

• Symantec / gateway_security1.0 – 1.0
• Symantec / gateway_security320 – 320
• Symantec / gateway_security360 – 360
• Symantec / gateway_security360r – 360r
• Symantec / gateway_security5000_series_2.0.1 – 5000_series_2.0.1
• Symantec / gateway_security5000_series_3.0 – 5000_series_3.0
• Symantec / gateway_security5110 – 5110
• Symantec / gateway_security5110_1.0 – 5110_1.0
• Symantec / gateway_security5200 – 5200
• Symantec / gateway_security5200_1.0 – 5200_1.0
• Symantec / gateway_security5300 – 5300
• Symantec / gateway_security5300_1.0 – 5300_1.0
• Symantec / gateway_security5310_1.0 – 5310_1.0
• Symantec / gateway_security5400_2.0 – 5400_2.0
• Symantec / gateway_security5400_2.0.1 – 5400_2.0.1

References

• MISChttp://www.securityfocus.com/archive/1/444114/100/100/threaded
• MISChttp://www.securityfocus.com/archive/1/444134/100/100/threaded
• MISChttp://www.securityfocus.com/archive/1/444330/100/0/threaded
• MISChttp://www.securityfocus.com/archive/1/444135/100/100/threaded