Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1754

4 documents4 sources

Severity

5.0MEDIUM

EPSS

2.9%

top 13.72%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Enterprise Firewall Symantec Gateway Security

Timeline

PublishedJun 15

Latest updateApr 29

Description

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDsymantec/gateway_security6 versions+5

▶NVDsymantec/enterprise_firewall7.0.4, 8.0+1

Patches

Patch: secunia.com ↗Patch: securityresponse.symantec.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-rq54-jrj8-62cm: The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query↗2022-04-29

▶

CVEList

CVE-2004-1754: The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query↗2005-03-09

▶

💥Exploits & PoCs

Exploit-DB

Symantec Enterprise Firewall 7.0/8.0 - DNSD DNS Cache Poisoning↗2004-06-15

▶