Vulnerability Description
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Entrust | Entrust Libkmp Isakmp Library | All versions |
| Symantec | Enterprise Firewall | 7.0 |
| Symantec | Velociraptor | 1.5 |
| Symantec | Gateway Security 5300 | 1.0 |
| Symantec | Gateway Security 5400 | 2.0 |
References
- http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.htmlVendor Advisory
- http://www.auscert.org.au/render.html?it=4339Vendor Advisory
- http://www.ciac.org/ciac/bulletins/o-206.shtmlVendor Advisory
- http://www.securityfocus.com/bid/11039
- http://xforce.iss.net/xforce/alerts/id/181PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15669
- http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.htmlVendor Advisory
- http://www.auscert.org.au/render.html?it=4339Vendor Advisory
- http://www.ciac.org/ciac/bulletins/o-206.shtmlVendor Advisory
- http://www.securityfocus.com/bid/11039
- http://xforce.iss.net/xforce/alerts/id/181PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15669
FAQ
What is CVE-2004-0369?
CVE-2004-0369 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote att...
How severe is CVE-2004-0369?
CVE-2004-0369 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0369?
Check the references section above for vendor advisories and patch information. Affected products include: Entrust Entrust Libkmp Isakmp Library, Symantec Enterprise Firewall, Symantec Velociraptor, Symantec Gateway Security 5300, Symantec Gateway Security 5400.