WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
The flaw was disclosed to Symantec on July 3 by Ubizen, a security services provider that, ironically, soon after became a Symantec competitor. On July 17, Symantec announced it was acquiring Riptech, another security services provider.
Nonetheless, Ubizen worked with Symantec's Security Response Team to resolve the issue, which centers on how Raptor firewalls generate Initial Sequence Numbers (ISNs), which are used to identify IP sessions.
Ubizen says the Symantec firewalls use an algorithm that generates ISNs that are not sufficiently random, making it possible to predict -- within certain parameters -- the next number in a sequence. With that information, a hacker can hijack the session and gain access to internal resources.
Ubizen worked with Symantec to come up with a patch for its firewalls. The patch is available at http://securityresponse.symantec.com.
Symantec firewalls affected by the flaw are: