CVE-2004-0369

3 documents3 sources

Severity

7.5HIGH

EPSS

8.5%

top 7.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Enterprise Firewall Symantec Gateway Security 5300 Symantec Gateway Security 5400 +1 more

Timeline

PublishedDec 31

Latest updateApr 29

Description

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

▶NVDsymantec/gateway_security_53001.0

▶NVDsymantec/gateway_security_54002.0

▶NVDsymantec/enterprise_firewall7.0, 7.0.4, 8.0+2

▶NVDsymantec/velociraptor1.5

Patches

Patch: xforce.iss.net ↗Patch: xforce.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-x4wm-prrg-m255: Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7↗2022-04-29

▶

CVEList

CVE-2004-0369: Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7↗2005-04-14

▶