CVE-2004-1754

Symantec Gateway Security - DNS Cache Poisoning

Title source: llm

Description

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.

Exploits (1)

exploitdb WORKING POC VERIFIED

by fryxar · c++remotewindows

https://www.exploit-db.com/exploits/24218

View Code ZIP pw:eip

References (4)

[Exploit, Vendor Advisory] http://lists.virus.org/bugtraq-0406/msg00234.html

[Patch, Vendor Advisory] http://secunia.com/advisories/11888

[Patch, Vendor Advisory] http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/10557

Scores

EPSS 0.0288

EPSS Percentile 86.3%

Details

Status published

Products (8)

symantec/enterprise_firewall 7.0.4 (2 CPE variants)

symantec/enterprise_firewall 8.0 (3 CPE variants)

symantec/gateway_security 5110_1.0

symantec/gateway_security 5200_1.0

symantec/gateway_security 5300_1.0

symantec/gateway_security 5310_1.0

symantec/gateway_security 5400_2.0

symantec/gateway_security 5400_2.0.1

Published Jun 15, 2004

Tracked Since Feb 18, 2026