Initial Publication Date: 13 Oct 2002
Advisory Status: Closed
Advisory Severity: Low
Legacy ID:
Advanced IT-Security, a Scandinavian security consultancy, notified Symantec of a potential information leak in the way the web proxy component of the Symantec Enterprise Firewall returns error messages. A remote user connecting to the proxy server can perform limited reconnaissance against the internal network behind the firewall, even though the firewall restricts access. By analyzing the unauthorized access error messages returned, the remote user can determine whether the requested address is valid. In this manner, a limited mapping of the internal network is possible.
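The leak described above, modelled as an added example (this is not Symantec's code, and the addresses, status codes, messages and function names are constructed for illustration): a proxy whose denial depends on whether the target exists, beside one that decides policy first and returns a single fixed denial, with a regression check that counts how many distinct responses an external client can observe.

```python
import ipaddress

# Constructed sample data: a protected range and the hosts that actually exist in it.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/24")
LIVE_HOSTS = {"10.0.0.5", "10.0.0.20"}


def is_restricted(client_ip, target_ip):
    """Policy: clients outside the internal network may not reach hosts inside it."""
    external = ipaddress.ip_address(client_ip) not in INTERNAL_NET
    return external and ipaddress.ip_address(target_ip) in INTERNAL_NET


def leaky_proxy(client_ip, target_ip):
    """Before: the target is checked first, so the error reveals whether it exists."""
    if target_ip not in LIVE_HOSTS:
        return (502, "Host not found or unreachable")
    if is_restricted(client_ip, target_ip):
        return (403, "Access to this host is not authorized")
    return (200, "OK")


def uniform_proxy(client_ip, target_ip):
    """After: policy is decided before any lookup; every denial is identical."""
    if is_restricted(client_ip, target_ip):
        return (403, "Request denied by policy")
    if target_ip not in LIVE_HOSTS:
        return (502, "Host not found or unreachable")
    return (200, "OK")


def distinct_denials(proxy, client_ip, targets):
    """Regression check: count the different responses an external client
    receives for restricted targets. More than one means the error message
    acts as an existence oracle for internal addresses."""
    return len({proxy(client_ip, t) for t in targets if is_restricted(client_ip, t)})


if __name__ == "__main__":
    sample = ["10.0.0.5", "10.0.0.6", "10.0.0.20", "10.0.0.99"]  # constructed
    for proxy in (leaky_proxy, uniform_proxy):
        print(proxy.__name__, distinct_denials(proxy, "203.0.113.7", sample))
```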
Symantec verified the issue reported by Advanced IT-Security and determined that it had already been addressed as a collateral problem in an earlier security update for the Symantec Enterprise Firewall. The Symantec Enterprise Firewall is not vulnerable to this concern if it is fully patched. All patches are available for download through the Symantec Enterprise Support Web site.
The following security bundles are the latest security hotfixes for the affected products. If you have not applied the appropriate hotfix for this Info Leak issue, the hotfix bundle indicated below is a cumulative hotfix and contains the appropriate fix for this issue as well.
As a best practice, Symantec recommends keeping all operating systems and applications updated with the latest vendor patches. Keeping mission-critical systems updated with all security patches applied reduces risk exposure.
Symantec takes the security and proper functionality of our products very seriously. Symantec appreciates the assistance of Tommy Mikalsen from Advanced IT-Security in identifying this area of concern so we could quickly address it.