Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1463

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1463
Last Modified 05 Sep 2008 04:30:39
Published 09 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1463

Summary

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.

Vulnerable Systems

Application

  • Symantec Enterprise Firewall 6.5.2

  • Symantec Enterprise Firewall 7.0

  • Symantec Raptor Firewall 6.5

  • Symantec Raptor Firewall 6.5.3

  • Symantec Velociraptor Model 1000

  • Symantec Velociraptor Model 1100

  • Symantec Velociraptor Model 1200

  • Symantec Velociraptor Model 1300

  • Symantec Velociraptor Model 500

  • Symantec Velociraptor Model 700


References

CONFIRM - http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html

BUGTRAQ - 20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability

XF - symantec-tcp-seq-predict(12836)

BID - 5387

OSVDB - 855


Last Updated: 27 May 2016 10:37:20