Symantec Gateway Security 3.0 Security Update 1

September 6, 2005
Symantec Gateway Security 3.0 Security Update 1

Description

Use the LiveUpdate feature of Symantec Gateway Security to download the security update.

SGS 3.0 SU 1 adds coverage for the following vulnerabilities and threats:

3Com ADSL Router Information Disclosure
ActiveSearch Search Activity
Alcatel PABX 4400 Info. Disclosure
AOL Instant Messenger AwayMsg BO
AOL Instant Messenger Login
AOL Instant Messenger Message Received
AOL Instant Messenger Message Sent
ArcServe Agent Auth Backdoor
ArcServe Discovery SERVICEPC BO
AVAYA Cajun Device DoS
AWStats Remote Command Exec
Backdoor C.I.A
Backdoor MoSucker 3.0
Backdoor X ZT00 ver 1.0
BadBlue Directory Traversal
BD BioNet 4.00.03 BE S
BD BugBear Web
BD CDK
BD Guptachar
BD IIlusion 1.0
Canna Buffer Overflow
CFEngine Authentication Heap Overflow
CITADEL UX Format String
ClarkConnect Info Disclosure
Cross Reference Linux Directory Trav.
csSearch.cgi Remote Command Execution
Cyrus IMSP Daemon Overflow
Darwin MS DOS Device Name DOS
Finger Server Pipe Vulnerability
FTP MS JET DB Buffer Overflow
Gaobot DDOS commands
Gaobot Harvest Mail and Keys Command
GTP (U) V1 Short Invalid TCP Option
GTP (U) Ver0 Invalid TCP Option
GTP (U) Ver1 Long Invalid TCP Option
GTP SymbOS.Commwarrior Worm Msg
GTP V0(U) SymbOS.Commwarrior Worm File
GTP V1(U) SymbOS.Commwarrior Worm File
GTP Ver0 Invalid Message Type
GTP Ver0 Invalid Spare Field
GTP Ver0 Invalid Spare Field 1
GTP Ver0 Tunneling Over GTP
GTP Ver1 (User Plane) Invalid Msg Type
GTP Ver1 Long Tunneling Over GTP
GTP Ver1 Short Tunneling Over GTP
GTP Ver1(C) Invalid Msg Type
GTP Ver1(C) Invalid Spare Field 1
GTP Ver1(U) Invalid Spare Field 1
Helix Server Heap BO
HP Instant TopTools Denial Of Service
HP JetAdmin Information Disclosure
HP JetDirect LCD Display Modification
HTML WinHelp Item Buffer Overflow
HTTP A1Stats CGI Dir Traversal
HTTP Abe Timmerman zml.cgi File Disc.
HTTP ADMentor Login Flaw
HTTP AlienForm Directory Traversal
HTTP Anacondaclip Directory Traversal
HTTP Annex Ping CGI DoS
HTTP Apache ASP Example Script
HTTP Apache Illegal Chars File Discl.
HTTP Apache php.exe File Disclosure
HTTP Armada Traversal
HTTP AtomicBoard Dir Traversal
HTTP Auktion CGI Dir. Traversal
HTTP AutoShops Script Name BO
HTTP Axis Storpoint Auth Bypass
HTTP BB Hist CGI Dir. Traversal
HTTP Bytes shopper.cgi Dir. Traversal
HTTP CDomainFree Rte File Exec.
HTTP CFENGINE Trans Packet BO
HTTP CGI Cmd Exec IkonBoard
HTTP CGI Gozila Command DoS
HTTP CGI Rec. Mailreader nph-mr.cgi
HTTP CGI Recursion End MailMan Cmd Exec
HTTP CGI Recursion MultiHTML
HTTP CGIEmail BO
HTTP Cisco DSL Router DoS
HTTP Cobalt RAQ Service.cgi BO
HTTP Crystal Rpts Form Viewer Traversal
HTTP DirectoryPro Directory Traversal
HTTP Etheni File Include
HTTP Gallery File Include
HTTP Guestbook CGI Dir. Traversal
HTTP HappyMall Member Cmd Exec
HTTP HappyMall Normal Cmd Exec
HTTP Home Free Dir Traversal
HTTP Hosting Controller Dir Traversal
HTTP ht://Dig Config File Include
HTTP Hyperseek 2000 Dir. Traversal
HTTP iCat carbo.dll Dir. Traversal
HTTP Icecast print_client Format String
HTTP idq.dll Directory Traversal
HTTP IIS HTW Cross Site Scripting
HTTP IIS IDC STM HTR Request BO
HTTP Inktomi Ultraseek Search DoS
HTTP Interactive Story Dir Traversal
HTTP ION CGI Dir. Traversal
HTTP iPlanet Directory Traversal
HTTP IRIX Pfdispaly.cgi Cmd Exec.
HTTP iXmail CGI Dir. Traversal
HTTP JBoss JSP Source Disclosure
HTTP JRun CGI Directory Traversal
HTTP JRun Directory Disclosure
HTTP JRun Root Directory Disclosure
HTTP Kebi Academy Directory Traversal
HTTP Kerio MailServer Username BO
HTTP Kietu File Include
HTTP listrec.pl Command Exec
HTTP MacOSX Clnt Apache Disclosure
HTTP MacroMed Dreamweaver DB Access
HTTP Macromedia JRun Dotcfm File Disc.
HTTP MartinHamilton File Disclosure
HTTP MDaemon GET Request BO
HTTP MediaHouse BO
HTTP Mercur BO
HTTP MetaIP MetaInfo Traversal
HTTP Microburst uStorekeeper Cmd Exec
HTTP MiniVend CMD Exec
HTTP MondoSearch Source Disclosure
HTTP MPCSoftWeb DB Info Disclosure
HTTP MRTG Directory Traversal
HTTP MS JET DB Buffer Overflow
HTTP MS Site Server Default Account
HTTP MSIE DHTML Edit Ctrl Attack
HTTP MSIIS Chunk Encoding Heap Overflow
HTTP MSIIS NTLM ASN1 Buffer Overflow
HTTP MSIIS W3Who ISAPI BO
HTTP Negative Content Length
HTTP NewAtlanta File Disclosure
HTTP O'Reilly webfind.exe BO
HTTP Oracle 9IAS PL/SQL Directory Trav.
HTTP Oracle 9IAS PLSQL BO
HTTP Oracle PLSQLWeb Info Discl.
HTTP Oracle SOAP Default Config Vuln
HTTP Oracle Stored Proc Access
HTTP Oracle9i Default Config Info Disc.
HTTP Oracle9IAS JSP Info Disc.
HTTP Oracle9iAS SensSrvs Info Disc.
HTTP Outlook MAILTO Parse Error
HTTP Phorum Stats Request
HTTP Pi3Web Buffer Overflow
HTTP Remote File Inc BlNews
HTTP Remote File Inc. Invision Board
HTTP Remote File Include 4nAlbum
HTTP Remote File Include Basilix
HTTP Remote File Include IdeaBox
HTTP Remote File Include Informix
HTTP Remote File Include Mambo
HTTP Remote File Include myphpPageTool
HTTP Remote File Include PMachine
HTTP Remote SQL Inject Battleaxe
HTTP Remote SQL Injection IMP
HTTP Remote SQL Injection InstaBoard
HTTP Remote SQL Injection issProtect
HTTP Remote SQL Injection iXmail
HTTP SambarSrv Info. Disclosure
HTTP Sdbsearch.cgi Command Exec.
HTTP SendTemp Dir. Traversal
HTTP SGLMerchant Dir. Traversal
HTTP Shoutcast Admin CGI DoS
HTTP SilverPlatter WebSPIRS File Disc.
HTTP SilverStream DB Structure Disc
HTTP Six WebBoard File Disclosure
HTTP SMTP NTLM ASN1 Buffer Overflow
HTTP Smuggle Content Len Encoding
HTTP Smuggle Content Length
HTTP Smuggle Get Content Length
HTTP Smuggle IIS Content Len
HTTP Sojourn Directory Traversal
HTTP Spyke PHP Board Info Disc.
HTTP SSCD SunCourier.pl Cmd Exec.
HTTP Super Guestbook Info Disc.
HTTP SuSE Apache CGI Src Code Disc.
HTTP TalentSoft WebPlus Dir. Traversal
HTTP Tarantella TTAWebTop.CGI
HTTP Technote Parameter File Disclosure
HTTP Tektronix Printer Admin Interface
HTTP texis.exe Information Disclosure
HTTP textcounter.pl Cmd Execution
HTTP TextPortal Default User/Password
HTTP Thinking Arts Dir Traversal
HTTP Tomcat DftServlet File Disc.
HTTP Tomcat ServletPath Info Disclosure
HTTP TrendMicro OfficeScan Dir Disc.
HTTP Truegalerie Unauth Admin Access
HTTP ttCMS News hdr.php File Inclusion
HTTP ttCMS/Forum Remote File Inc.
HTTP vBulletin PHP Cmd. Exec.
HTTP vBulletin PHP misc.php Code Exec
HTTP Vchat Message Disclosure
HTTP Virt Prog VP-ASP SQL Injection
HTTP WEB-INF Info Disclosure
HTTP WebCalendar File Disclosure
HTTP WebCart Cmd Execution
HTTP Webchat defines.php File Include
HTTP Webfroot Shoutbox Dir. Traversal
HTTP WebLogic File Disclosure
HTTP WebSpeed Admin Utility Access
HTTP WebWho+ Remote Cmd Exec
HTTP WebWiz Forum Info. Disc.
HTTP web_store.cgi Dir. Traversal
HTTP WFChat Info Disclosure
HTTP Wordit Logbook.pl Cmd Exec
HTTP Wordpress PHP File Include
HTTP Xpressions SQL Injection
HTTP XSTAT PHPInfo Disclosure
HTTP YaBB Arbitrary File Read
HTTP Zentrack Index.php File Include
HTTP Zentrack index.php Info Disc.
ICC Profile TagData Overflow
ICMP Lowering MTU Value
Imapd Authenticate Buffer Overflow
ISO-SP AB Parameter Is Not User Data
ISO-SP DN Parameter Is Not User Data
ISO-SP DT Parameter Is Not User Data
ISO-SP FN Parameter Is Not User Data
ISO-SP Invalid CN Parameter Code
ISO-SP Invalid Service Code
ISO-SP Oversized CN Parameter
ISO-TP0 Invalid TPDU User Data Size
ISO-TP0 Oversized Transport Selector ID
ISO-TP0 Unknown Transport Code
ISS SMB Parsing Heap Overflow
Linux Whois Exec
Lotus Domino Directory Traversal
Microsoft Word HyperlinkExt BO
MIT Kerberos4 telnetd BO
MS DHCP Serv Logging DoS
MS Exchange Excessive DNS Replies (TCP)
MS Exchange Excessive DNS Replies (UDP)
MS Exchange X-LINK2STATE BO
MS Exchange XEXCH50 BO
MS IIS FTP Wildcard DoS
MS Javaprxy DLL Buffer Overflow
MS Media Player ActiveX Ctrl File Enum
MS Messenger Service BO 2 (UDP)
MS Outlook Web Access URI Redirect
MS Rating File Buffer Overflow
MS Telnet Protocol Options BO
MS Windows MSHTA Shell Execution
MS WINS Name Value BO
MS WINS Query BO (TCP)
MSIE File DragDrop Embed Code
MSIE FTP Proto Handler Local File Disc
MSRPC License Logging CodeExec
MSRPC MSMQueryProp BO (1)
MSRPC MSMQueryProp BO (2)
MSSQL Ping DOS Storm
Multiple Vendor X Font Server BO
NCIRCD IRC Daemon DOS
Netscape Ent. INDEX Directory Disc.
Netscape Page Services Info Disc
NGIRCD Format String Vulnerability
NNTP Cassandra AuthInfo BO
Novell Imap Literal Count Overflow
Oracle JSP Pages Source Disclosure
OS X Apple File Print Remote BO
OS X Darwin Parse_XML.cgi File Disc.
OS X Help Remote Code Execution
OS X View Broadcast.cgi DoS
Outlook Express NNTP LIST Newsgroup BO
PHP Projekt Remote File Inclusion
PHP Rocket Add-in Directory Traversal
PHP WindBoard Remote File Include
PHPBB GedView Remote FIle Include
PHPBB Cash Admin Remote File Include
POP3 XMail Buffer Overflow
RFC1006 Invalid Vers/Res Fld Value (A)
RFC1006 Invalid Vers/Res Fld Value (B)
Skype Requesting Updates
Skype Requesting Updates (2)
SLMail VRFY and EXPN Buffer Overflow
SmallFTPD Directory Traversal
SMB Frag Reassembly BO
SMB Large Return Field
SMB MS JET Malformed DB Buffer Overflow
SMTP Domino Mail Loop DoS
SMTP Domino SMTP ENVID BO
SMTP HELO Command BO
Solaris FingerD Disclosure
TCP MODBUS - Clear Ctrs & Diag Registers
TCP MODBUS - Force Listen Only Mode
TCP MODBUS - Illegal Packet Size
TCP MODBUS - Read Device Identification
TCP MODBUS - Report Server Information
TCP MODBUS - Restart Communications Opt.
TCP MODBUS - Unauthorized Read Request
TCP MODBUS - Unauthorized Write Request
Telnet Cayman Router BO
Thttpd tdate Stack Overflow
TinyProxy Heap Overflow
Trend Micro Viruswall Catinfo BO
Typo3 Translations.PHP File Disclosure
Veritas Backup Exec Agent Auth BO
Veritas Backup Exec Agent DoS
VNC Login Failed
VNC Login Success
VNC Server Banner
Way-Board File Disclosure
Webfroot Shoutbox Remote File Include
Windows Sharepoint Svc Spoofing
WorldSpan Res Manager Malformed DoS
WU FTPd Format String Overflow
WU-FTPd Site Exec BO
Xerver Multiple Request DoS
Xtramail Multiple DoS
ZYXEL Router Reset

SGS 3.0 SU 1 provides updated coverage for the following vulnerabilities and threats:

180Solutions Configuration Event
180Solutions Requesting Action URL
180Solutions Requesting Ads
180Solutions Requesting Keywords
180Solutions Tracking Events
Binet Information Upload
Binet Installation Activity
Cydoor Media Files Request
Cyrus IMAPD Pre-login BO
Delfin Activity
Delfin Ads Request
Delfin Definition File Request
Euniverse Flowgo Ping Request
Euniverse FlowGoBar Config Request
Euniverse KeenValue Info Transfer
Euniverse Keenvalue PopUp Request
Euniverse Thunderdownload Activity
Euniverse Thunderdownload Installation
Ezula Upgrade & Version Check
FTP CreateDirectory BO (2)
FTP Pathname Glob BufferOverflow
Gator Communication
Gator New Code Info Request
Gator Reporting Typed URL
Gator Reporting Typed URL (2)
Gator Website Visit Data Request
Hotbar Info Transfer For PopUp Ads
Hotbar Installation & Upgrade Activity
Hotbar PopUp Ads Request
Hotbar Reports Activity
Hotbar Temp & Toolbar Disp Activity
Hotbar Updates Activity
HTTP /etc/passwd Probe
HTTP ANS PL CGI Dir. Traversal
HTTP AOL Server Default Login
HTTP Apache ServStatus Info Disclosure
HTTP BB HostSvc Dir. Traversal
HTTP Cart32 Remote Admin PW
HTTP CGI Count Buffer Overflow
HTTP CGIForum Dir. Traversal
HTTP IE Object Type Validation
HTTP IIS CMDExecution Access (2)
HTTP IIS ISAPI Extension (Code Red)
HTTP IIS ISAPI Printer BO
HTTP IIS WebDAV PROPFIND Overflow
HTTP IIS Welchia WebDAV SEARCH BO (2)
HTTP MDAC Component Query BO
HTTP MS BizTalk DTA RemoteExec
HTTP MS FrontPage SmartHTML DoS
HTTP MS IFRAME JOB Share Redirect
HTTP MS IIS ASP DataSuffix Request
HTTP MS IIS SQL Hit Disclosure
HTTP MSIE CHM Cross-Domain Redirect
HTTP MSIE Help CTRL Local Zone Bypass
HTTP MSIE Object Tag Overflow
HTTP NNTP XPAT Cmd Query Overflow
HTTP PHP CGI Overflow
HTTP SGI InfoSearch fname Exec
HTTP WebDAV MSXML Attribute DoS
ICQ Guestbook DoS Long Name
Intel NO-OPs in HTTP Request
IRC DCC Private Message Chat Cmd
IRC Notice Command
IRC Notice DCC Chat Command
IRC Notice DCC Send Command
IRC Private Message DCC Send Cmd
ISTBar Configuration Request
Kazaa File Request
Marketscore Config Request
MS IE Malformed IFRAME/EMBED BO
MS IE Mouse Event Hijacking
MS JET DB Engine DSN Hack
MS Media Services Overflow
MS Messenger Service BO (UDP)
MS RPC LSASS DS Request (TCP)
MS RPC LSASS DS Request (UDP)
MS Shell File Download Ext. Misrep.
MS Visual Studio RAD Support BO
MS Windows Backdoor cmd Shell Access
MS Windows GDI+ JPEG Overflow (HTTP)
MS WINS Remote Buffer Overflow
MS WINS Replication Protocol Remote BO
MSFTP IIS Status DoS
MXTarget Information Upload
MyWay Buttons Request
MyWay Configuration Request
NetDevil Backdoor 1.5
NetOptimizer Agent Upload
NNTP Failed Authentication
P2P Blubster Download Setup
POP3 Suspicious Username ("root")
Rlogin Failed Authentication
Root Rlogin Disallowed
Root RSH Login Disallowed
RSH Failed Authentication
SIP VoIP Invite Request
Sparc NO-OPs in HTTP Request
Telnet RESOLV Environment Variable
Topmoxie Recoding Downloads & Offers
TopMoxie Requesting Build Files
UDP Ascend Reboot DoS
UnivWash IMAPD LSUB BO
W32 Beagle B Worm Backdoor
WhenU ClockSync WeatherCast Activity
WhenU Installation Activity
WhenU Request For Offers
WhenU SearchBar Sidefinder Activity
WhenU Update Events
Whisker/Libwhisker Scan (2)
Wingate Prompt on Telnet Connection

Initial Post on: Tuesday, 06-Sep-05 12:10:00
Last modified on: Thursday, 22-Sep-05 23:30:29