Description
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
References (4)
Core 4
Core References
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5959
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10363.php
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html
Various Sources x_refsource_confirm
http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html
Scores
EPSS
0.0105
EPSS Percentile
77.7%
Details
Status
published
Products (3)
symantec/enterprise_firewall
6.5.2
symantec/raptor_firewall
6.5
symantec/raptor_firewall
6.5.3
Published
Mar 31, 2003
Tracked Since
Feb 18, 2026