CVE-2002-1937

Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
Configurations

Configuration 1 (hide)

OR cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*
cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*
cpe:2.3:h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:42

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html - () http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html -
References () http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html - () http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html -
References () http://www.iss.net/security_center/static/10442.php - () http://www.iss.net/security_center/static/10442.php -

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:42


NVD link : CVE-2002-1937

Mitre link : CVE-2002-1937

CVE.ORG link : CVE-2002-1937


JSON object : View

Products Affected

symantec

  • firewall_vpn_appliance_200r
  • firewall_vpn_appliance_200
  • firewall_vpn_appliance_100