Sign-up

ID

VAR-200212-0811


CVE

CVE-2002-2336


TITLE

PC Firewall automatically blocks operation remote denial of service attack vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200212-557

DESCRIPTION

Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. The problem is in the handling of spoofed traffic. Under some circumstances, it is possible for remote users to deny service to various sites for users of PC Firewall software. By sending spoofed traffic that could be deemed malicious by the firewall software package, an attacker could effectively limit the sites a system is capable of reaching. Many PC firewalls have the function of automatically blocking malicious attacks

Trust: 1.26

sources: NVD: CVE-2002-2336 // BID: 5917 // VULHUB: VHN-6719

AFFECTED PRODUCTS

vendor:symantecmodel:norton personal firewallscope:eqversion:2002

Trust: 1.9

vendor:kasperskymodel:labs anti-hackerscope:eqversion:1.0

Trust: 0.3

vendor:internetmodel:security systems blackice server protection cdfscope:eqversion:3.5

Trust: 0.3

vendor:internetmodel:security systems blackice defender capscope:eqversion:2.9

Trust: 0.3

sources: BID: 5917 // CNNVD: CNNVD-200212-557 // NVD: CVE-2002-2336

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-2336
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200212-557
value: MEDIUM

Trust: 0.6

VULHUB: VHN-6719
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-2336
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-6719
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-6719 // CNNVD: CNNVD-200212-557 // NVD: CVE-2002-2336

PROBLEMTYPE DATA

problemtype:CWE-16

Trust: 1.1

sources: VULHUB: VHN-6719 // NVD: CVE-2002-2336

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-557

TYPE

configuration error

Trust: 0.6

sources: CNNVD: CNNVD-200212-557

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-6719

EXTERNAL IDS
db:BIDid:5917
Trust: 2.0
db:NVDid:CVE-2002-2336
Trust: 1.7
db:CNNVDid:CNNVD-200212-557
Trust: 0.7
db:BUGTRAQid:20021008 MULTIPLE VENDOR PC FIREWALL REMOTE DENIAL OF SERVICES VULNERABILITY
Trust: 0.6
db:BUGTRAQid:20021008 RE: MULTIPLE VENDOR PC FIREWALL REMOTE DENIAL OF SERVICES VULNERABILITY
Trust: 0.6
db:NSFOCUSid:3634
Trust: 0.6
db:XFid:10314
Trust: 0.6
db:SEEBUGid:SSVID-75733
Trust: 0.1
db:EXPLOIT-DBid:21915
Trust: 0.1
db:VULHUBid:VHN-6719
Trust: 0.1
sources:
            
            
            VULHUB: VHN-6719 // 
            
            
            
            BID: 5917 // 
            
            
            
            CNNVD: CNNVD-200212-557 // 
            
            
            
            NVD: CVE-2002-2336

REFERENCES
url:http://www.securityfocus.com/bid/5917
Trust: 2.7
url:http://online.securityfocus.com/archive/1/294411
Trust: 2.7
url:http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html
Trust: 2.7
url:http://www.iss.net/security_center/static/10314.php
Trust: 2.7
url:http://www.nsfocus.net/vulndb/3634
Trust: 0.6
url:/archive/1/315631
Trust: 0.3
sources:
            
            
            VULHUB: VHN-6719 // 
            
            
            
            BID: 5917 // 
            
            
            
            CNNVD: CNNVD-200212-557 // 
            
            
            
            NVD: CVE-2002-2336

CREDITS
Yiming Gong※ yiming@security.zz.ha.cn
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200212-557

SOURCES
db:VULHUBid:VHN-6719
db:BIDid:5917
db:CNNVDid:CNNVD-200212-557
db:NVDid:CVE-2002-2336

LAST UPDATE DATE
2024-11-22T23:06:58.910000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-6719date:2008-09-05T00:00:00
db:BIDid:5917date:2002-10-08T00:00:00
db:CNNVDid:CNNVD-200212-557date:2002-12-31T00:00:00
db:NVDid:CVE-2002-2336date:2024-11-20T23:43:26.437

SOURCES RELEASE DATE
db:VULHUBid:VHN-6719date:2002-12-31T00:00:00
db:BIDid:5917date:2002-10-08T00:00:00
db:CNNVDid:CNNVD-200212-557date:2002-10-08T00:00:00
db:NVDid:CVE-2002-2336date:2002-12-31T05:00:00