CVE-2002-0309

Published May 31, 2002

Last updated 8 years ago

Overview

Description: SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60CD39A5-0059-4E17-8F4F-58F23589A408"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References