Details of VAR-200210-0165

ID

VAR-200210-0165

CVE

CVE-2002-0990

TITLE

Multiple Symantec Firewall Secure Webserver Error Request Remote Denial of Service Attack Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200210-292

DESCRIPTION

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. A denial of service vulnerability has been reported in this component. According to the report, the proxy blocks while attempting to resolve hostnames specified in CONNECT requests. While this is occuring, requests from other clients are not handled. This behaviour can be exploited to cause a denial of service condition. There is a problem when the WEB proxy service program of the firewall handles non-existing internal URLs. By submitting non-existent or wrong internal URL requests multiple times, the proxy service program may time out for a period of time without responding to subsequent proxy request connections, resulting in Denial of service attack

Trust: 1.26

sources: NVD: CVE-2002-0990 // BID: 5958 // VULHUB: VHN-5379

AFFECTED PRODUCTS

vendor:	symantec	model:	velociraptor	scope:	eq	version:	500	Trust: 1.9
vendor:	symantec	model:	velociraptor	scope:	eq	version:	1300	Trust: 1.9
vendor:	symantec	model:	velociraptor	scope:	eq	version:	1200	Trust: 1.9
vendor:	symantec	model:	velociraptor	scope:	eq	version:	1000	Trust: 1.9
vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	6.5.2	Trust: 1.6
vendor:	symantec	model:	gateway security	scope:	eq	version:	5200	Trust: 1.6
vendor:	symantec	model:	raptor firewall	scope:	eq	version:	6.5.3	Trust: 1.6
vendor:	symantec	model:	raptor firewall	scope:	eq	version:	6.5	Trust: 1.6
vendor:	symantec	model:	enterprise firewall	scope:	eq	version:	7.0	Trust: 1.6
vendor:	symantec	model:	velociraptor	scope:	eq	version:	700	Trust: 1.3
vendor:	symantec	model:	velociraptor	scope:	eq	version:	1100	Trust: 1.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	5300	Trust: 1.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	5110	Trust: 1.0
vendor:	symantec	model:	raptor firewall solaris	scope:	eq	version:	6.5.3	Trust: 0.3
vendor:	symantec	model:	raptor firewall windows nt	scope:	eq	version:	6.5	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	52001.0	Trust: 0.3
vendor:	symantec	model:	gateway security	scope:	eq	version:	51101.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall solaris	scope:	eq	version:	7.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	7.0	Trust: 0.3
vendor:	symantec	model:	enterprise firewall nt/2000	scope:	eq	version:	6.5.2	Trust: 0.3

sources: BID: 5958 // CNNVD: CNNVD-200210-292 // NVD: CVE-2002-0990

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0990
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200210-292
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-5379
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-0990
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-5379
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-5379 // CNNVD: CNNVD-200210-292 // NVD: CVE-2002-0990

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0990

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200210-292

TYPE

Design Error

Trust: 0.9

sources: BID: 5958 // CNNVD: CNNVD-200210-292

EXTERNAL IDS

db:	BID	id:	5958	Trust: 2.0
db:	NVD	id:	CVE-2002-0990	Trust: 2.0
db:	CNNVD	id:	CNNVD-200210-292	Trust: 0.7
db:	BUGTRAQ	id:	20021014 MULTIPLE SYMANTEC FIREWALL SECURE WEBSERVER TIMEOUT DOS	Trust: 0.6
db:	XF	id:	10364	Trust: 0.6
db:	VULHUB	id:	VHN-5379	Trust: 0.1

sources: VULHUB: VHN-5379 // BID: 5958 // CNNVD: CNNVD-200210-292 // NVD: CVE-2002-0990

REFERENCES

url:	http://www.securityfocus.com/bid/5958	Trust: 1.7
url:	http://securityresponse.symantec.com/avcenter/security/content/2002.10.11.html	Trust: 1.7
url:	http://www.iss.net/security_center/static/10364.php	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=103463869503124&w=2	Trust: 1.1
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=103463869503124&w=2	Trust: 0.6

sources: VULHUB: VHN-5379 // CNNVD: CNNVD-200210-292 // NVD: CVE-2002-0990

CREDITS

AI-SEC Security Advisories※ advisories@ai-sec.dk

Trust: 0.6

sources: CNNVD: CNNVD-200210-292

SOURCES

db:	VULHUB	id:	VHN-5379
db:	BID	id:	5958
db:	CNNVD	id:	CNNVD-200210-292
db:	NVD	id:	CVE-2002-0990

LAST UPDATE DATE

2024-08-14T14:29:36.391000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-5379	date:	2016-10-18T00:00:00
db:	BID	id:	5958	date:	2009-07-11T18:06:00
db:	CNNVD	id:	CNNVD-200210-292	date:	2005-05-13T00:00:00
db:	NVD	id:	CVE-2002-0990	date:	2016-10-18T02:23:21.303

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-5379	date:	2002-10-28T00:00:00
db:	BID	id:	5958	date:	2002-10-14T00:00:00
db:	CNNVD	id:	CNNVD-200210-292	date:	2002-10-28T00:00:00
db:	NVD	id:	CVE-2002-0990	date:	2002-10-28T05:00:00