Vulnerability Description
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Enterprise Firewall | 6.5.2 |
References
- http://marc.info/?l=bugtraq&m=101424307617060&w=2
- http://marc.info/?l=bugtraq&m=101430810813853&w=2
- http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html
- http://www.iss.net/security_center/static/8251.php
- http://www.securityfocus.com/bid/4141
- http://marc.info/?l=bugtraq&m=101424307617060&w=2
- http://marc.info/?l=bugtraq&m=101430810813853&w=2
- http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20.html
- http://www.iss.net/security_center/static/8251.php
- http://www.securityfocus.com/bid/4141
FAQ
What is CVE-2002-0309?
CVE-2002-0309 is a vulnerability with a CVSS score of 5.0 (MEDIUM). SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than th...
How severe is CVE-2002-0309?
CVE-2002-0309 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0309?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Enterprise Firewall.