Vulnerability Details : CVE-2004-1754
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
Exploit prediction scoring system (EPSS) score for CVE-2004-1754
Probability of exploitation activity in the next 30 days: 66.11%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2004-1754
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
nvd@nist.gov |
References for CVE-2004-1754
-
http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html
Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/10557
Exploit;Patch;Vendor Advisory
-
http://lists.virus.org/bugtraq-0406/msg00234.html
Exploit;Vendor Advisory
Products affected by CVE-2004-1754
- cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*
- cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*
- cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*
- cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*
- cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*
- cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*
- cpe:2.3:h:symantec:gateway_security:5310_1.0:*:*:*:*:*:*:*
- cpe:2.3:h:symantec:gateway_security:5400_2.0.1:*:*:*:*:*:*:*
- cpe:2.3:h:symantec:gateway_security:5300_1.0:*:*:*:*:*:*:*
- cpe:2.3:h:symantec:gateway_security:5400_2.0:*:*:*:*:*:*:*