Symantec.Firewall.Fake.DNS.Response
Description
This indicates an attempt to exploit a Buffer Overflow vulnerability in Entrust LibKmp ISAKMP library, used by Symantec Enterprise Firewall, Gateway Security, and VelociRaptor.
Affected Products
Symantec Enterprise Firewall 8.0 Solaris
Symantec Enterprise Firewall 8.0 NT/2000
Symantec Enterprise Firewall 7.0.4 Solaris
Symantec Enterprise Firewall 7.0.4 NT/2000
Symantec Enterprise Firewall 7.0 Solaris
Symantec Enterprise Firewall 7.0 NT/2000
Symantec Gateway Security 5300 1.0
Symantec Gateway Security 5400 2.0
Symantec VelociRaptor 1.5
Impact
Denial of Service.
System Compromise: Execution of arbitrary code.
Recommended Actions
Apply the appropriate hotfix for this vulnerability.
http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |