Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
https://exchange.xforce.ibmcloud.com/vulnerabilities/17470
http://www.securityfocus.com/bid/11237
http://www.kb.cert.org/vuls/id/329230
http://securityresponse.symantec.com/avcenter/security/Content/2004.09.22.html