Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Enterprise Firewall DNSD DNS缓存"毒药"漏洞
Vulnerability Description
Symantec Enterprise Firewall是一款企业级防火墙,包含DNSD代理。 Symantec企业级防火墙的DNSD实现存在问题,远程攻击者可以利用这个漏洞进行中间人,伪造站点或其他各种攻击。 主要问题是Dnsd代理没有进行正确检查,确保从远程DNS服务器返回的数据包含请求记录相关的数据,攻击者可以控制DNS服务器,返回恶意应答,而导致在目标系统中插入伪造的DNS条目,从而攻击者可以进行类似中间人攻击/拒绝服务/社会工程等攻击。
CVSS Information
N/A
Vulnerability Type
N/A