CVE-2006-4562 - Vulnerability Details - OpenCVE

The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Gateway Security

Configuration 1 [-]

OR	cpe:2.3:h:symantec:gateway_security:1.0:::::::*
	cpe:2.3:h:symantec:gateway_security:320:::::::*
	cpe:2.3:h:symantec:gateway_security:360:::::::*
	cpe:2.3:h:symantec:gateway_security:360r:::::::*
	cpe:2.3:h:symantec:gateway_security:5000_series_2.0.1:::::::*
	cpe:2.3:h:symantec:gateway_security:5000_series_3.0:::::::*
	cpe:2.3:h:symantec:gateway_security:5110:::::::*
	cpe:2.3:h:symantec:gateway_security:5110_1.0:::::::*
	cpe:2.3:h:symantec:gateway_security:5200:::::::*
	cpe:2.3:h:symantec:gateway_security:5200_1.0:::::::*
	cpe:2.3:h:symantec:gateway_security:5300:::::::*
	cpe:2.3:h:symantec:gateway_security:5300_1.0:::::::*
	cpe:2.3:h:symantec:gateway_security:5310_1.0:::::::*
	cpe:2.3:h:symantec:gateway_security:5400_2.0:::::::*
	cpe:2.3:h:symantec:gateway_security:5400_2.0.1:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/archive/1/444114/100/100/threaded
http://www.securityfocus.com/archive/1/444134/100/100/threaded
http://www.securityfocus.com/archive/1/444135/100/100/threaded
http://www.securityfocus.com/archive/1/444330/100/0/threaded

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-09-06T00:00:00

Updated: 2024-08-07T19:14:47.585Z

Reserved: 2006-09-05T00:00:00

Link: CVE-2006-4562

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-09-06T00:04:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-4562

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-08-23T00:00:00", "descriptions": [{"lang": "en", "value": "The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20060823 Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/444114/100/100/threaded"}, {"name": "20060823 AW: Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/444134/100/100/threaded"}, {"name": "20060824 Re: Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/444330/100/0/threaded"}, {"name": "20060823 RE: Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/444135/100/100/threaded"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4562", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20060823 Symantec Gateway Security DNS exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/444114/100/100/threaded"}, {"name": "20060823 AW: Symantec Gateway Security DNS exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/444134/100/100/threaded"}, {"name": "20060824 Re: Symantec Gateway Security DNS exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/444330/100/0/threaded"}, {"name": "20060823 RE: Symantec Gateway Security DNS exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/444135/100/100/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:14:47.585Z"}, "title": "CVE Program Container", "references": [{"name": "20060823 Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/444114/100/100/threaded"}, {"name": "20060823 AW: Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/444134/100/100/threaded"}, {"name": "20060824 Re: Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/444330/100/0/threaded"}, {"name": "20060823 RE: Symantec Gateway Security DNS exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/444135/100/100/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4562", "datePublished": "2006-09-06T00:00:00", "dateReserved": "2006-09-05T00:00:00", "dateUpdated": "2024-08-07T19:14:47.585Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:symantec:gateway_security:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0CAE17C6-FD3E-4846-A706-78246B37BFA1", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:320:*:*:*:*:*:*:*", "matchCriteriaId": "EFFC0BF4-56EE-414C-8D45-3D2ACCBDC03A", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:360:*:*:*:*:*:*:*", "matchCriteriaId": "6B786C20-6C40-4DBE-AC24-D8B8E98FD6F5", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:360r:*:*:*:*:*:*:*", "matchCriteriaId": "38F65C12-9866-423F-8E59-FE905FE79043", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5000_series_2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "00163129-F72A-4C56-A4E4-D254ED71FB63", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5000_series_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "97BE5E88-1DA6-48A7-9811-97EE6582A627", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*", "matchCriteriaId": "7E42EDB2-616D-4915-9E41-7D80F32E4901", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B647CBE-35DA-404C-BC71-0C378CC5CA1B", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*", "matchCriteriaId": "1D1175AC-9310-4804-8FB3-2F988F55BD09", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8EB8A732-3D37-4B96-8674-E03CC3826967", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*", "matchCriteriaId": "FF09575E-83D3-4772-816B-7D639B1C32A4", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5300_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F702A853-EE1C-4937-AED9-FF11EE442F9F", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5310_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F0043B75-B1FA-48F7-B0B8-DF25CE5CED1F", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5400_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B413854B-9D67-4FFA-81A7-884D3F473D06", "vulnerable": true}, {"criteria": "cpe:2.3:h:symantec:gateway_security:5400_2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5838D7A8-80F3-4571-80BE-D4AF0AA7F4C4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface"}, {"lang": "es", "value": "** DISCUTIDO ** El servicio proxy DNS en Symantec Gateway Security (SGS) permite a un atacante remoto hacer consultas DNS de su elecci\u00f3n a los servidores DNS de terceras personas, mientras se ocultan la direcci\u00f3n IP de origen del atacante. NOTA: otro investigador ha se\u00f1alado que la configuraci\u00f3n por defecto no recibe consultas proxy DNS sobre una interfaz externa."}], "id": "CVE-2006-4562", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-06T00:04:00.000", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/444114/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/444134/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/444135/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/444330/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/444114/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/444134/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/444135/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/444330/100/0/threaded"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}