Security Flaw Found In Symantec Firewalls
A number of Symantec firewalls, including popular Raptor models, have a security flaw that renders networks protected by the systems vulnerable to intrusion.
The flaw was disclosed to Symantec on July 3 by Ubizen, a security services provider that, ironically, soon after became a Symantec competitor. On July 17, Symantec announced it was acquiring Riptech, another security services provider.
Nonetheless, Ubizen worked with Symantec's Security Response Team to resolve the issue, which centers on how Raptor firewalls generate Initial Sequence Numbers (ISNs), which are used to identify IP sessions.
Ubizen says the Symantec firewalls use an algorithm that generates ISNs that are not sufficiently random, making it possible to predict -- within certain parameters -- the next number in a sequence. With that information, a hacker can hijack the session and gain access to internal resources.
Ubizen worked with Symantec to come up with a patch for its firewalls. The patch is available at http://securityresponse.symantec.com.
Symantec firewalls affected by the flaw are: