Sign-up

ID

VAR-200306-0129


CVE

CVE-2002-1463


TITLE

Multiple Symantec Product initialization TCP Serial number is not strong enough

Trust: 0.6

sources: CNNVD: CNNVD-200306-045

DESCRIPTION

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. Symantec produces a range of hardware and software firewall products. A number of these products have been reported to have a vulnerability related to the creation of TCP Initial Sequence Numbers (ISNs). Reportedly, vulnerable products will reuse ISN values for connections with the same source and destination IP and port, over a limited time period. An attacker able to gain knowledge of this ISN may spoof new connections from the specified IP address, or inject data into legitimate connections. Remote attackers can use this vulnerability to perform IP spoofing or data insertion attacks on the current connection. The firewall's application-layer protocol inspection technology can prevent session spoofing and hijacking through random TCP initial sequence numbers for new proxy connections. During this time, an attacker can capture the initial TCP handshake of an early session from a legitimate IP

Trust: 1.26

sources: NVD: CVE-2002-1463 // BID: 5387 // VULHUB: VHN-5848

AFFECTED PRODUCTS

vendor:symantecmodel:gateway securityscope:eqversion:5300

Trust: 1.9

vendor:symantecmodel:velociraptorscope:eqversion:model_500

Trust: 1.6

vendor:symantecmodel:velociraptorscope:eqversion:model_1200

Trust: 1.6

vendor:symantecmodel:velociraptorscope:eqversion:model_1100

Trust: 1.6

vendor:symantecmodel:velociraptorscope:eqversion:model_1300

Trust: 1.6

vendor:symantecmodel:velociraptorscope:eqversion:model_1000

Trust: 1.6

vendor:symantecmodel:gateway securityscope:eqversion:5200

Trust: 1.6

vendor:symantecmodel:velociraptorscope:eqversion:model_700

Trust: 1.6

vendor:symantecmodel:gateway securityscope:eqversion:5110

Trust: 1.6

vendor:symantecmodel:enterprise firewallscope:eqversion:7.0

Trust: 1.6

vendor:symantecmodel:raptor firewallscope:eqversion:6.5

Trust: 1.0

vendor:symantecmodel:enterprise firewallscope:eqversion:6.5.2

Trust: 1.0

vendor:symantecmodel:raptor firewallscope:eqversion:6.5.3

Trust: 1.0

vendor:symantecmodel:velociraptorscope:eqversion:1.5

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1.1

Trust: 0.3

vendor:symantecmodel:velociraptorscope:eqversion:1.0

Trust: 0.3

vendor:symantecmodel:raptor firewall solarisscope:eqversion:6.5.3

Trust: 0.3

vendor:symantecmodel:raptor firewall windows ntscope:eqversion:6.5

Trust: 0.3

vendor:symantecmodel:ghost corporate editionscope:eqversion:7.5

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:52001.0

Trust: 0.3

vendor:symantecmodel:gateway securityscope:eqversion:51101.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall solarisscope:eqversion:7.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:7.0

Trust: 0.3

vendor:symantecmodel:enterprise firewall nt/2000scope:eqversion:6.5.2

Trust: 0.3

sources: BID: 5387 // CNNVD: CNNVD-200306-045 // NVD: CVE-2002-1463

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1463
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200306-045
value: HIGH

Trust: 0.6

VULHUB: VHN-5848
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2002-1463
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-5848
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-5848 // CNNVD: CNNVD-200306-045 // NVD: CVE-2002-1463

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1463

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200306-045

TYPE

Design Error

Trust: 0.9

sources: BID: 5387 // CNNVD: CNNVD-200306-045

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-5848

EXTERNAL IDS
db:BIDid:5387
Trust: 2.0
db:NVDid:CVE-2002-1463
Trust: 1.7
db:OSVDBid:855
Trust: 1.7
db:CNNVDid:CNNVD-200306-045
Trust: 0.7
db:XFid:12836
Trust: 0.6
db:BUGTRAQid:20020802 SECURITY ADVISORY: RAPTOR FIREWALL WEAK ISN VULNERABILITY
Trust: 0.6
db:EXPLOIT-DBid:19522
Trust: 0.1
db:VULHUBid:VHN-5848
Trust: 0.1
sources:
            
            
            VULHUB: VHN-5848 // 
            
            
            
            BID: 5387 // 
            
            
            
            CNNVD: CNNVD-200306-045 // 
            
            
            
            NVD: CVE-2002-1463

REFERENCES
url:http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html
Trust: 2.0
url:http://www.securityfocus.com/bid/5387
Trust: 1.7
url:http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html
Trust: 1.7
url:http://www.osvdb.org/855
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/12836
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/12836
Trust: 0.6
url:http://www.symantec.com
Trust: 0.3
sources:
            
            
            VULHUB: VHN-5848 // 
            
            
            
            BID: 5387 // 
            
            
            
            CNNVD: CNNVD-200306-045 // 
            
            
            
            NVD: CVE-2002-1463

CREDITS
Kristof Philipsen※ kristof.philipsen@ubizen.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200306-045

SOURCES
db:VULHUBid:VHN-5848
db:BIDid:5387
db:CNNVDid:CNNVD-200306-045
db:NVDid:CVE-2002-1463

LAST UPDATE DATE
2024-08-14T12:35:44.617000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-5848date:2017-10-10T00:00:00
db:BIDid:5387date:2002-08-02T00:00:00
db:CNNVDid:CNNVD-200306-045date:2005-05-16T00:00:00
db:NVDid:CVE-2002-1463date:2017-10-10T01:30:12.813

SOURCES RELEASE DATE
db:VULHUBid:VHN-5848date:2003-06-09T00:00:00
db:BIDid:5387date:2002-08-02T00:00:00
db:CNNVDid:CNNVD-200306-045date:2002-08-02T00:00:00
db:NVDid:CVE-2002-1463date:2003-06-09T04:00:00