var-200205-0031
Vulnerability from variot
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections. NetScreen is a line of Internet security appliances integrating firewall, VPN and traffic management features. ScreenOS is the software used to manage and configure the firewall. NetScreen supports Microsoft Windows 95, 98, ME, NT and 2000 clients. An issue has been reported in NetScreen ScreenOS which could cause the system to stop responding. This is due to the number of concurrent sessions allowed per user. Exploitation of this issue is possible using a port scanner that does not properly release sessions. This vulnerability will occupy all valid connections
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0031",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netscreen screenos",
"scope": "lte",
"trust": 1.0,
"vendor": "juniper",
"version": "2.6.1"
},
{
"model": "netscreen screenos",
"scope": "eq",
"trust": 0.6,
"vendor": "juniper",
"version": "2.6.1"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "screenos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.1"
},
{
"model": "screenos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0.1"
},
{
"model": "screenos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "3.0"
},
{
"model": "screenos r1",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.8"
},
{
"model": "screenos r2",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "2.6.1"
},
{
"model": "fasttrack server 3.0.0r1",
"scope": "ne",
"trust": 0.3,
"vendor": "netscape",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Chris Lathem \u003cclathem@skyhawke.com\u003e.",
"sources": [
{
"db": "BID",
"id": "4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
}
],
"trust": 0.9
},
"cve": "CVE-2002-0234",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2002-0234",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-4627",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0234",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-083",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-4627",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4627"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections. NetScreen is a line of Internet security appliances integrating firewall, VPN and traffic management features. ScreenOS is the software used to manage and configure the firewall. NetScreen supports Microsoft Windows 95, 98, ME, NT and 2000 clients. \nAn issue has been reported in NetScreen ScreenOS which could cause the system to stop responding. This is due to the number of concurrent sessions allowed per user. \nExploitation of this issue is possible using a port scanner that does not properly release sessions. This vulnerability will occupy all valid connections",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0234"
},
{
"db": "BID",
"id": "4015"
},
{
"db": "VULHUB",
"id": "VHN-4627"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0234",
"trust": 2.0
},
{
"db": "BID",
"id": "4015",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083",
"trust": 0.7
},
{
"db": "XF",
"id": "8057",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020201 RE: NETSCREEN SCREENOS 2.6 SUBJECT TO TRUST INTERFACE DOS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020205 NETSCREEN RESPONSE TO SCREENOS PORT SCAN DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020201 NETSCREEN SCREENOS 2.6 SUBJECT TO TRUST INTERFACE DOS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4627",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4627"
},
{
"db": "BID",
"id": "4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"id": "VAR-200205-0031",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4627"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T22:54:21.919000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/4015"
},
{
"trust": 2.7,
"url": "http://online.securityfocus.com/archive/1/254268"
},
{
"trust": 2.7,
"url": "http://www.iss.net/security_center/static/8057.php"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101258887105690\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=101258281818524\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.netscreen.com/index.html"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=101258281818524\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=101258887105690\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4627"
},
{
"db": "BID",
"id": "4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4627"
},
{
"db": "BID",
"id": "4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-29T00:00:00",
"db": "VULHUB",
"id": "VHN-4627"
},
{
"date": "2002-02-01T00:00:00",
"db": "BID",
"id": "4015"
},
{
"date": "2002-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"date": "2002-05-29T04:00:00",
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-4627"
},
{
"date": "2009-07-11T09:56:00",
"db": "BID",
"id": "4015"
},
{
"date": "2006-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-083"
},
{
"date": "2024-11-20T23:38:37.043000",
"db": "NVD",
"id": "CVE-2002-0234"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetScreen ScreenOS Port Scan Denial of Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-083"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…