1. CVE-Search
  2. CVE-2002-0990
ID CVE-2002-0990
Summary The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*
    cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*
  • cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*
    cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*
  • cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*
    cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*
  • cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*
    cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*
  • cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*
    cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*
  • cpe:2.3:a:symantec:velociraptor:500:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:velociraptor:500:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:velociraptor:700:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:velociraptor:700:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:velociraptor:1000:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:velociraptor:1000:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:velociraptor:1100:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:velociraptor:1100:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:velociraptor:1200:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:velociraptor:1200:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:velociraptor:1300:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:velociraptor:1300:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2016 - 02:23)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 5958
bugtraq 20021014 Multiple Symantec Firewall Secure Webserver timeout DoS
confirm http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html
xf simple-webserver-url-dos(10364)
Last major update 18-10-2016 - 02:23
Published 28-10-2002 - 05:00
Last modified 18-10-2016 - 02:23
Back to Top