Описание
The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:symantec:gateway_security:1.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:320:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:360:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:360r:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5000_series_2.0.1:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5000_series_3.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5300_1.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5310_1.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5400_2.0:*:*:*:*:*:*:*
cpe:2.3:h:symantec:gateway_security:5400_2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.0116
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
** DISPUTED ** The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface.
EPSS
Процентиль: 78%
0.0116
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other