ID

VAR-200003-0015


CVE

CVE-2000-0238


TITLE

Norton AntiVirus Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200003-034

DESCRIPTION

Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. Due to unchecked buffer code, the program will crash causing a Dr. Watson error when a URL consisting of a large number of characters is requested

Trust: 1.26

sources: NVD: CVE-2000-0238 // BID: 1064 // VULHUB: VHN-1817

AFFECTED PRODUCTS

vendor:symantecmodel:norton antivirusscope:eqversion:1.0

Trust: 1.6

vendor:symantecmodel:norton antivirus for internet email gatewaysscope:eqversion:1.0

Trust: 0.3

sources: BID: 1064 // CNNVD: CNNVD-200003-034 // NVD: CVE-2000-0238

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2000-0238
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200003-034
value: MEDIUM

Trust: 0.6

VULHUB: VHN-1817
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2000-0238
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1817
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1817 // CNNVD: CNNVD-200003-034 // NVD: CVE-2000-0238

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2000-0238

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200003-034

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200003-034

EXTERNAL IDS

db:BIDid:1064

Trust: 2.0

db:NVDid:CVE-2000-0238

Trust: 1.7

db:CNNVDid:CNNVD-200003-034

Trust: 0.7

db:BUGTRAQid:20000317 DOS WITH NAVIEG

Trust: 0.6

db:VULHUBid:VHN-1817

Trust: 0.1

sources: VULHUB: VHN-1817 // BID: 1064 // CNNVD: CNNVD-200003-034 // NVD: CVE-2000-0238

REFERENCES

url:http://www.securityfocus.com/bid/1064

Trust: 2.7

url:http://www.securityfocus.com/templates/archive.pike?list=1&msg=s8d1f3e3.036%40kib.co.kodiak.ak.us

Trust: 2.0

url:http://www.securityfocus.com/templates/archive.pike?list=1&msg=s8d1f3e3.036@kib.co.kodiak.ak.us

Trust: 0.7

url: -

Trust: 0.1

sources: VULHUB: VHN-1817 // CNNVD: CNNVD-200003-034 // NVD: CVE-2000-0238

CREDITS

Posted to Bugtraq on March 17, 2000 by Paul VanDyke <pvandyke@kib.co.kodiak.ak.us>.

Trust: 0.3

sources: BID: 1064

SOURCES

db:VULHUBid:VHN-1817
db:BIDid:1064
db:CNNVDid:CNNVD-200003-034
db:NVDid:CVE-2000-0238

LAST UPDATE DATE

2024-11-22T23:15:29.819000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1817date:2008-09-10T00:00:00
db:BIDid:1064date:2000-03-17T00:00:00
db:CNNVDid:CNNVD-200003-034date:2010-12-02T00:00:00
db:NVDid:CVE-2000-0238date:2024-11-20T23:32:02.393

SOURCES RELEASE DATE

db:VULHUBid:VHN-1817date:2000-03-17T00:00:00
db:BIDid:1064date:2000-03-17T00:00:00
db:CNNVDid:CNNVD-200003-034date:2000-03-17T00:00:00
db:NVDid:CVE-2000-0238date:2000-03-17T05:00:00