CVE-2005-3768

Published: Nov 23, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Affected (11)

Products: Symantec: Enterprise Firewall, Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Gateway Security 300, Gateway Security 400, Gateway Security 5000 Series, Gateway Security 5100, Gateway Security 5300, Gateway Security 5310, Gateway Security 5400

Symantec

10 products

Enterprise Firewall

Firewall Vpn Appliance 100

Firewall Vpn Appliance 200

Gateway Security 300

Gateway Security 400

Gateway Security 5000 Series

Gateway Security 5100

Gateway Security 5300

Gateway Security 5310

Gateway Security 5400

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Symantec Enterprise Firewall	Version 8.0
Symantec Enterprise Firewall	Version 8.0

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Symantec Firewall Vpn Appliance 100	All versions
Symantec Firewall Vpn Appliance 200	All versions
Symantec Gateway Security 300	Version 2.0
Symantec Gateway Security 400	Version 2.0
Symantec Gateway Security 5000 Series	Version 3.0
Symantec Gateway Security 5100	All versions
Symantec Gateway Security 5300	Version 1.0
Symantec Gateway Security 5310	Version 1.0
Symantec Gateway Security 5400	Version 2.0.1