Security specialist Symantec has admitted to a number of vulnerabilities in its firewall and gateway products. The weaknesses make them liable to denial of service attacks and other compromises.
The affected products are the Symantec Firewall/VPN Appliance 100, 200 and 200R and the Symantec Gateway Security 320, 360 and 360R. The firewalls are susceptible to three kinds of attacks. A hacker can perform a denial of service attack via a flaw in the firewall’s connection handling that can cause the firewall to stop responding. Potential exploits can also identify services on the WAN interface and alter the firewall’s configuration.
The firewalls are vulnerable to all three attacks whereas the gateways are only endangered by the later two.Symantec says it is issuing firmware fixes to its products.
News source: PC Pro