CVE-2004-1754

Published Jun 15, 2004

Last updated 16 years ago

CVSS info 5.0

Overview

Description: The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78A16B88-E49B-4C4C-A82E-03511C99872D"
          },
          {
            "criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30BE919C-A7DF-46C3-BFF6-F0452F0FC434"
          },
          {
            "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F"
          },
          {
            "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2"
          },
          {
            "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B647CBE-35DA-404C-BC71-0C378CC5CA1B"
          },
          {
            "criteria": "cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EB8A732-3D37-4B96-8674-E03CC3826967"
          },
          {
            "criteria": "cpe:2.3:h:symantec:gateway_security:5300_1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F702A853-EE1C-4937-AED9-FF11EE442F9F"
          },
          {
            "criteria": "cpe:2.3:h:symantec:gateway_security:5310_1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0043B75-B1FA-48F7-B0B8-DF25CE5CED1F"
          },
          {
            "criteria": "cpe:2.3:h:symantec:gateway_security:5400_2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B413854B-9D67-4FFA-81A7-884D3F473D06"
          },
          {
            "criteria": "cpe:2.3:h:symantec:gateway_security:5400_2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5838D7A8-80F3-4571-80BE-D4AF0AA7F4C4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References