Vulnerability in Symantec Security Appliances

Speaking of attacking appliances, a Rigel Kent Security advisory claims:

"Three high-risk vulnerabilities have been identified in the Symantec Enterprise Firewall products and two in the Gateway products. All are remotely exploitable and allow an attacker to perform a denial of service attack against the firewall, identify active services in the WAN interface and exploit the use of default community strings in the SNMP service to collect and alter the firewall or gateway's configuration. Moreover, the administrative interface for the firewall does not allow the operator to disable SNMP nor change the community strings. The Gateway Security products are vulnerable to all but the denial of service issue."

Symantec's advisory states:

"Symantec resolved three high-risk vulnerabilities that had been identified in the Symantec Firewall/VPN Appliance 100, 200 and 200R models. The Symantec Gateway Security 320, 360 and 360R are vulnerable to only two of the issues, which have been resolved."

The days of directly attacking firewalls are not over, as some might think!