Sign-up

ID

VAR-200212-0740


CVE

CVE-2002-2294


TITLE

Symantec Enterprise Firewall RealAudio Proxy remote buffer overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200212-432

DESCRIPTION

Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). A vulnerability has been reported for Symantec Enterprise Firewall. A buffer overflow vulnerability occurs in the RealAudio Proxy installed on Symantec Enterprise Firewall. Reportedly when the Proxy is sent a specially formatted stream of data, it will trigger a buffer overflow condition. An attacker can exploit this vulnerability and send a specially crafted stream of data to the Proxy . This will result in a local buffer to be overrun with attacker supplied values and will trigger the buffer overflow condition. Although unconfirmed, it may be possible for an attacker to gain control over the execution of the vulnerable RealAudio Proxy process. There is a problem in the RealAudio proxy service program when processing special scans. Remote attackers can use this vulnerability to carry out buffer overflow attacks, which can cause denial of service attacks on the system. When scanning firewalls with the Qualys tool, the rad (RealAudio) and statsd (statistics) services were incorrectly terminated. Dr. Watson can record this core dump, scanning the sent data can cause the RealAudio service to destroy the buffer, and the statistical service, statsd, will stop responding due to an access violation. All other services function normally

Trust: 1.26

sources: NVD: CVE-2002-2294 // BID: 6389 // VULHUB: VHN-6677

AFFECTED PRODUCTS

vendor:symantecmodel:raptor firewallscope:eqversion:6.5

Trust: 1.0

vendor:symantecmodel:enterprise firewallscope:eqversion:6.5.2

Trust: 1.0

vendor:symantecmodel:raptor firewallscope:eqversion:6.5.3

Trust: 1.0

vendor:symantecmodel:enterprise firewallscope:eqversion:7.0

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:model_1000

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:model_1200

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:model_1300

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:model_700

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:model_500

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:model_1100

Trust: 1.0

vendor:symantecmodel:gateway securityscope:eqversion:5300

Trust: 0.9

vendor:symantecmodel:gateway securityscope:eqversion:5110_1.0

Trust: 0.6

vendor:symantecmodel:gateway securityscope:eqversion:5200_1.0

Trust: 0.6

vendor:symantecmodel:velociraptorscope:eqversion:700

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:500

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1300

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1200

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1100

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1000

Trust: 0.3

vendor:symantecmodel:raptor firewall solarisscope:eqversion:6.5.3

Trust: 0.3

vendor:symantecmodel:raptor firewall windows ntscope:eqversion:6.5

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:52001.0

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:51101.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:7.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:7.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:6.5.2

Trust: 0.3

sources: BID: 6389 // CNNVD: CNNVD-200212-432 // NVD: CVE-2002-2294

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-2294
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200212-432
value: MEDIUM

Trust: 0.6

VULHUB: VHN-6677
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-2294
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-6677
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-6677 // CNNVD: CNNVD-200212-432 // NVD: CVE-2002-2294

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

sources: VULHUB: VHN-6677 // NVD: CVE-2002-2294

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-432

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200212-432

EXTERNAL IDS

db:BIDid:6389

Trust: 2.0

db:NVDid:CVE-2002-2294

Trust: 1.7

db:CNNVDid:CNNVD-200212-432

Trust: 0.7

db:NSFOCUSid:4055

Trust: 0.6

db:XFid:10862

Trust: 0.6

db:VULHUBid:VHN-6677

Trust: 0.1

sources: VULHUB: VHN-6677 // BID: 6389 // CNNVD: CNNVD-200212-432 // NVD: CVE-2002-2294

REFERENCES

url:http://www.securityfocus.com/bid/6389

Trust: 1.7

url:http://www.symantec.com/avcenter/security/content/2002.12.12.html

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/10862

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/10862

Trust: 0.6

url:http://www.nsfocus.net/vulndb/4055

Trust: 0.6

url:http://securityresponse.symantec.com/avcenter/security/content/2002.12.12.html

Trust: 0.3

sources: VULHUB: VHN-6677 // BID: 6389 // CNNVD: CNNVD-200212-432 // NVD: CVE-2002-2294

CREDITS

Symantec

Trust: 0.6

sources: CNNVD: CNNVD-200212-432

SOURCES

db:VULHUBid:VHN-6677
db:BIDid:6389
db:CNNVDid:CNNVD-200212-432
db:NVDid:CVE-2002-2294

LAST UPDATE DATE

2024-08-14T15:20:19.530000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-6677date:2017-07-29T00:00:00
db:BIDid:6389date:2002-12-13T00:00:00
db:CNNVDid:CNNVD-200212-432date:2002-12-31T00:00:00
db:NVDid:CVE-2002-2294date:2017-07-29T01:29:03.997

SOURCES RELEASE DATE

db:VULHUBid:VHN-6677date:2002-12-31T00:00:00
db:BIDid:6389date:2002-12-13T00:00:00
db:CNNVDid:CNNVD-200212-432date:2002-12-31T00:00:00
db:NVDid:CVE-2002-2294date:2002-12-31T05:00:00