CVE-2006-4562

The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface

Published: Sep 6, 2006
Updated: Nov 8, 2023
CVE: CVE-2006-4562
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / gateway_security	5310_1.0	5310_1.0.x
symantec / gateway_security	5400_2.0.1	5400_2.0.1.x
symantec / gateway_security	5110	5110.x
symantec / gateway_security	5200_1.0	5200_1.0.x
symantec / gateway_security	360	360.x
symantec / gateway_security	5300	5300.x
symantec / gateway_security	320	320.x
symantec / gateway_security	360r	360r.x
symantec / gateway_security	1.0	1.0.x
symantec / gateway_security	5400_2.0	5400_2.0.x
symantec / gateway_security	5000_series_2.0.1	5000_series_2.0.1.x
symantec / gateway_security	5000_series_3.0	5000_series_3.0.x
symantec / gateway_security	5200	5200.x
symantec / gateway_security	5300_1.0	5300_1.0.x
symantec / gateway_security	5110_1.0	5110_1.0.x

Vulnerability Database

289,697

CVE-2006-4562