Lucene search

MitreCVE-2004-0369

HistoryApr 14, 2005 - 4:00 a.m.

CVE-2004-0369

2005-04-1404:00:00

mitre

web.nvd.nist.gov

buffer overflow

entrust libkmp

isakmp

symantec enterprise firewall

gateway security

velociraptor

remote code execution

cve-2004-0369

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.129

Percentile

95.5%

JSON

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.

Affected configurations

Nvd

Node

entrustentrust_libkmp_isakmp_library

symantecenterprise_firewallMatch7.0solaris

symantecenterprise_firewallMatch7.0.4solaris

symantecenterprise_firewallMatch7.0.4windows_2000_nt

symantecenterprise_firewallMatch8.0solaris

symantecenterprise_firewallMatch8.0windows_2000_nt

symantecvelociraptorMatch1.5

Node

symantecgateway_security_5300Match1.0

symantecgateway_security_5400Match2.0

VendorProductVersionCPE
entrustentrust_libkmp_isakmp_library*cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*
symantecenterprise_firewall7.0cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*
symantecenterprise_firewall7.0.4cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*
symantecenterprise_firewall7.0.4cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*
symantecenterprise_firewall8.0cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*
symantecenterprise_firewall8.0cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*
symantecvelociraptor1.5cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*
symantecgateway_security_53001.0cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*
symantecgateway_security_54002.0cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
entrust	entrust_libkmp_isakmp_library	*	cpe:2.3:a:entrust:entrust_libkmp_isakmp_library::::::::
symantec	enterprise_firewall	7.0	cpe:2.3:a:symantec:enterprise_firewall:7.0::solaris:::::
symantec	enterprise_firewall	7.0.4	cpe:2.3:a:symantec:enterprise_firewall:7.0.4::solaris:::::
symantec	enterprise_firewall	7.0.4	cpe:2.3:a:symantec:enterprise_firewall:7.0.4::windows_2000_nt:::::
symantec	enterprise_firewall	8.0	cpe:2.3:a:symantec:enterprise_firewall:8.0::solaris:::::
symantec	enterprise_firewall	8.0	cpe:2.3:a:symantec:enterprise_firewall:8.0::windows_2000_nt:::::
symantec	velociraptor	1.5	cpe:2.3:a:symantec:velociraptor:1.5:::::::*
symantec	gateway_security_5300	1.0	cpe:2.3:h:symantec:gateway_security_5300:1.0:::::::*
symantec	gateway_security_5400	2.0	cpe:2.3:h:symantec:gateway_security_5400:2.0:::::::*

References

securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html

www.auscert.org.au/render.html?it=4339

www.ciac.org/ciac/bulletins/o-206.shtml

www.securityfocus.com/bid/11039

xforce.iss.net/xforce/alerts/id/181

exchange.xforce.ibmcloud.com/vulnerabilities/15669

Social References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.129

Percentile

95.5%

JSON

Related for CVE-2004-0369