Sign-up

ID

VAR-200210-0192


CVE

CVE-2002-0891


TITLE

NetScreen ScreenOS Remote restart vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200210-215

DESCRIPTION

The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. This condition may be the result of an unchecked buffer, which may potentially allow the attacker to execute arbitrary code. This possibility has not been confirmed. Netscreen is a firewall security solution that enables wire-speed packet processing

Trust: 1.26

sources: NVD: CVE-2002-0891 // BID: 4842 // VULHUB: VHN-5281

AFFECTED PRODUCTS

vendor:junipermodel:netscreen screenosscope:eqversion:2.6.1

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:3.0.1r1

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:2.8_r1

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:3.0.0r2

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:3.0.0r4

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:3.0.0r3

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:2.5r6

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:2.6.1r1

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:3.0.0r1

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:3.0.0

Trust: 1.6

vendor:junipermodel:netscreen screenosscope:eqversion:2.5

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.7.1r2

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.10_r3

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.6.1r5

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.7.1r3

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.6.1r4

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.5r2

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.6.1r2

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.7.1r1

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.5r1

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.6.1r3

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.7.1

Trust: 1.0

vendor:junipermodel:netscreen screenosscope:eqversion:2.10_r4

Trust: 1.0

vendor:netscreenmodel:screenos r1scope:eqversion:3.0.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:3.0

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:2.10

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:2.10

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.8

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.7.1

Trust: 0.3

vendor:netscreenmodel:screenos r5scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r4scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r3scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.6.1

Trust: 0.3

vendor:netscreenmodel:screenos r6scope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenos r1scope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenosscope:eqversion:2.5

Trust: 0.3

vendor:netscreenmodel:screenos r2scope:neversion:3.0.1

Trust: 0.3

sources: BID: 4842 // CNNVD: CNNVD-200210-215 // NVD: CVE-2002-0891

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0891
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200210-215
value: MEDIUM

Trust: 0.6

VULHUB: VHN-5281
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-0891
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-5281
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-5281 // CNNVD: CNNVD-200210-215 // NVD: CVE-2002-0891

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0891

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200210-215

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200210-215

EXTERNAL IDS

db:BIDid:4842

Trust: 2.0

db:NVDid:CVE-2002-0891

Trust: 1.7

db:CNNVDid:CNNVD-200210-215

Trust: 0.7

db:BUGTRAQid:20020527 NETSCREEN 25 UNAUTHORISED REBOOT ISSUE

Trust: 0.6

db:XFid:9186

Trust: 0.6

db:VULHUBid:VHN-5281

Trust: 0.1

sources: VULHUB: VHN-5281 // BID: 4842 // CNNVD: CNNVD-200210-215 // NVD: CVE-2002-0891

REFERENCES

url:http://www.securityfocus.com/bid/4842

Trust: 1.7

url:http://online.securityfocus.com/archive/1/274240

Trust: 1.7

url:http://www.netscreen.com/support/ns25_reboot.html

Trust: 1.7

url:http://www.iss.net/security_center/static/9186.php

Trust: 1.7

url:http://www.netscreen.com/index.html

Trust: 0.3

sources: VULHUB: VHN-5281 // BID: 4842 // CNNVD: CNNVD-200210-215 // NVD: CVE-2002-0891

CREDITS

quentyn@fotango.com

Trust: 0.6

sources: CNNVD: CNNVD-200210-215

SOURCES

db:VULHUBid:VHN-5281
db:BIDid:4842
db:CNNVDid:CNNVD-200210-215
db:NVDid:CVE-2002-0891

LAST UPDATE DATE

2024-08-14T15:41:01.026000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-5281date:2008-09-05T00:00:00
db:BIDid:4842date:2002-05-27T00:00:00
db:CNNVDid:CNNVD-200210-215date:2006-08-23T00:00:00
db:NVDid:CVE-2002-0891date:2008-09-05T20:29:13.770

SOURCES RELEASE DATE

db:VULHUBid:VHN-5281date:2002-10-04T00:00:00
db:BIDid:4842date:2002-05-27T00:00:00
db:CNNVDid:CNNVD-200210-215date:2002-05-27T00:00:00
db:NVDid:CVE-2002-0891date:2002-10-04T04:00:00