UBIZEN DISCOVERS SECURITY VULNERABILITY IN SYMANTEC'S RAPTOR FIREWALL

Ubizen first found the hole in the Raptor Firewall using an internally developed software tool called ISNprober. ISNprober samples a host for initial sequence numbers to ensure that they are significantly random enough to thwart a hacker's break-in attempts. The affected systems were:
 
* Raptor Firewall 6.5 (Windows NT)
* Raptor Firewall 6.5.3 (Solaris)
* Symantec Enterprise Firewall 6.5.2 (Windows 2000 and NT)
* Symantec Enterprise Firewall V7.0 (Solaris)
* Symantec Enterprise Firewall 7.0 (Windows 2000 and NT)
* VelociRaptor Model 500/700/1000
* VelociRaptor Model 1100/1200/1300
* Symantec Gateway Security 5110/5200/5300

Symantec's Security Response Team (symsecurity@symantec.com) was contacted about this issue on Wednesday, July 03 2002. A coordinated effort between Symantec and Ubizen has lead to quick resolution of this issue. A HotFix has been made available to eradicate this vulnerability at http://securityresponse.symantec.com/ on August 1, 2002.

About Ubizen
Ubizen is the principal provider of Managed Security Solutions for global businesses. Companies rely on Ubizen OnlineGuardian® services for outsourced management, monitoring and support of enterprise security devices 24x7x365. A Professional Services team complements Ubizen OnlineGuardian managed services, by helping enterprises plan and implement vulnerability assessments, security policies and security infrastructures. Ubizen also protects Web servers against application-level attacks, such as Nimda and Code Red, with Ubizen DMZ/Shield(tm) Enterprise.

Ubizen (www.ubizen.com) is a public company with dual listings on Nasdaq Europe (UBIZ) and the Euronext (UBI) exchange.

Contacts:

Ubizen
Chris de Jongh
Telefoon: 0297 231 555
Fax: 0297 231 556
E-mail: chris.dejongh@ubizen.com

Lammers van Toorenburg PR
Richard Verbeek/Fleur van der Haar
Telefoon: 030 656 50 70
Fax: 030 656 54 73
E-mail: ubizen@lvtpr.nl