CVE-2006-4562
Last modified
CVE-2006-4562 is a vulnerability of currently unknown severity. The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface. EPSS estimates a 1.40% chance of exploitation in the next 30 days.
Description
The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Gateway Security | 1.0 |
| Symantec | Gateway Security | 320 |
| Symantec | Gateway Security | 360 |
| Symantec | Gateway Security | 360r |
| Symantec | Gateway Security | 5000_series_2.0.1 |
| Symantec | Gateway Security | 5000_series_3.0 |
| Symantec | Gateway Security | 5110 |
| Symantec | Gateway Security | 5110_1.0 |
| Symantec | Gateway Security | 5200 |
| Symantec | Gateway Security | 5200_1.0 |
| Symantec | Gateway Security | 5300 |
| Symantec | Gateway Security | 5300_1.0 |
| Symantec | Gateway Security | 5310_1.0 |
| Symantec | Gateway Security | 5400_2.0 |
| Symantec | Gateway Security | 5400_2.0.1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-4562?
How severe is CVE-2006-4562?
How do I fix CVE-2006-4562?
Are you affected by CVE-2006-4562?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST