CVE-2006-4562
3 documents3 sources
Severity
5.0MEDIUM
EPSS
1.2%
top 21.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 6
Latest updateMay 1
Description
The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-97wm-hr4h-jwm3: ** DISPUTED ** The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS serve↗2022-05-01
CVEList▶
CVE-2006-4562: The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hidin↗2006-09-06