Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0990

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0990
Last Modified 05 Sep 2008 04:29:29
Published 28 Oct 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0990

Summary

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.

Vulnerable Systems

Application

  • Symantec Enterprise Firewall 6.5.2

  • Symantec Enterprise Firewall 7.0

  • Symantec Raptor Firewall 6.5

  • Symantec Raptor Firewall 6.5.3

  • Symantec Velociraptor 1000

  • Symantec Velociraptor 1100

  • Symantec Velociraptor 1200

  • Symantec Velociraptor 1300

  • Symantec Velociraptor 500

  • Symantec Velociraptor 700


References

CONFIRM - http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html

BUGTRAQ - 20021014 Multiple Symantec Firewall Secure Webserver timeout DoS

XF - simple-webserver-url-dos(10364)

BID - 5958


Last Updated: 27 May 2016 10:37:09