Intrusion Prevention

Symantec.Multiple.Products.ISAKMPd.SPI.Size.DoS

Description

This indicates an attempt to exploit a buffer overflow vulnerability in Entrust LibKmp ISAKMP library, used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5.

Affected Products

Symantec Enterprise Firewall 8.0 Solaris
Symantec Enterprise Firewall 8.0 NT/2000
Symantec Enterprise Firewall 7.0.4 Solaris
Symantec Enterprise Firewall 7.0.4 NT/2000
Symantec Enterprise Firewall 7.0 Solaris
Symantec Enterprise Firewall 7.0 NT/2000
Symantec Gateway Security 5300 1.0
Symantec Gateway Security 5400 2.0
Symantec VelociRaptor 1.5

Impact

Denial of service.
System compromise: execution of arbitrary code.

Recommended Actions

Apply the appropriate hotfix for this vulnerability, as listed in the Symantec Security Response SYM04-012 and available from the Symantec FTP Update Web site.
http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html

CVE References

CVE-2004-0369