CVE-2002-0990

Опубликовано: 28 окт. 2002

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.

Ссылки

http://marc.info/?l=bugtraq&m=103463869503124&w=2
http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10364.php
Vendor Advisory
http://www.securityfocus.com/bid/5958
http://marc.info/?l=bugtraq&m=103463869503124&w=2
http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10364.php
Vendor Advisory
http://www.securityfocus.com/bid/5958

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*

cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*

cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*

cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*

cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*

cpe:2.3:a:symantec:velociraptor:500:*:*:*:*:*:*:*

cpe:2.3:a:symantec:velociraptor:700:*:*:*:*:*:*:*

cpe:2.3:a:symantec:velociraptor:1000:*:*:*:*:*:*:*

cpe:2.3:a:symantec:velociraptor:1100:*:*:*:*:*:*:*

cpe:2.3:a:symantec:velociraptor:1200:*:*:*:*:*:*:*

cpe:2.3:a:symantec:velociraptor:1300:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*

cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*

cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01072

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-gpqc-h3w5-77f4

github

почти 4 года назад