cvelistv5 - cve-2002-1463

CVE-2002-1463 (GCVE-0-2002-1463)

Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/5387	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.osvdb.org/855	vdb-entryx_refsource_OSVDB
	http://www.symantec.com/techsupp/bulletin/archive…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:26:28.448Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
          },
          {
            "name": "5387",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/5387"
          },
          {
            "name": "symantec-tcp-seq-predict(12836)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
          },
          {
            "name": "855",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/855"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-08-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-08-18T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
        },
        {
          "name": "5387",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/5387"
        },
        {
          "name": "symantec-tcp-seq-predict(12836)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
        },
        {
          "name": "855",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/855"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1463",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
            },
            {
              "name": "5387",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/5387"
            },
            {
              "name": "symantec-tcp-seq-predict(12836)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
            },
            {
              "name": "855",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/855"
            },
            {
              "name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1463",
    "datePublished": "2004-09-01T04:00:00",
    "dateReserved": "2003-02-05T00:00:00",
    "dateUpdated": "2024-08-08T03:26:28.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60CD39A5-0059-4E17-8F4F-58F23589A408\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55B40C3E-2794-4310-97BC-D80069992C87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2678E925-06BD-4C3F-8223-93E070B4035E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53477F8E-F387-4266-88B7-1B1022E74F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BE710F1-F3AD-423B-A0DB-78D5F809D62E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4F0486F-3101-4D7B-83C2-8E9F31802504\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"155FE168-A185-4D4D-923B-207F0B26EE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDB06031-2EF6-4E45-977D-F28D538FB773\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30475DFE-D476-4A6C-B851-139E927BAA25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E42EDB2-616D-4915-9E41-7D80F32E4901\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D1175AC-9310-4804-8FB3-2F988F55BD09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF09575E-83D3-4772-816B-7D639B1C32A4\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.\"}, {\"lang\": \"es\", \"value\": \"Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias num\\u00e9ricas iniciales (ISN) f\\u00e1cilmente predecibles, lo que permitir\\u00eda a atacantes remotos falsear conexiones.\"}]",
      "id": "CVE-2002-1463",
      "lastModified": "2024-11-20T23:41:22.110",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2003-06-09T04:00:00.000",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/855\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/5387\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/12836\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/855\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/5387\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/12836\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2002-1463\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2003-06-09T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.\"},{\"lang\":\"es\",\"value\":\"Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias num\u00e9ricas iniciales (ISN) f\u00e1cilmente predecibles, lo que permitir\u00eda a atacantes remotos falsear conexiones.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CD39A5-0059-4E17-8F4F-58F23589A408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55B40C3E-2794-4310-97BC-D80069992C87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2678E925-06BD-4C3F-8223-93E070B4035E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53477F8E-F387-4266-88B7-1B1022E74F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BE710F1-F3AD-423B-A0DB-78D5F809D62E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4F0486F-3101-4D7B-83C2-8E9F31802504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155FE168-A185-4D4D-923B-207F0B26EE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB06031-2EF6-4E45-977D-F28D538FB773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30475DFE-D476-4A6C-B851-139E927BAA25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E42EDB2-616D-4915-9E41-7D80F32E4901\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D1175AC-9310-4804-8FB3-2F988F55BD09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF09575E-83D3-4772-816B-7D639B1C32A4\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/855\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/5387\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/12836\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/5387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/12836\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-QMX6-X96X-XP97

Vulnerability from github – Published: 2022-04-30 18:21 – Updated: 2022-04-30 18:21

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2002-1463"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2003-06-09T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.",
  "id": "GHSA-qmx6-x96x-xp97",
  "modified": "2022-04-30T18:21:13Z",
  "published": "2022-04-30T18:21:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-1463"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/855"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/5387"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2002-1463

Vulnerability from gsd - Updated: 2023-12-13 01:24

Details

Aliases

CVE-2002-1463

Aliases

CVE-2002-1463

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2002-1463",
    "description": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.",
    "id": "GSD-2002-1463"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2002-1463"
      ],
      "details": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.",
      "id": "GSD-2002-1463",
      "modified": "2023-12-13T01:24:10.019756Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2002-1463",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
          },
          {
            "name": "5387",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/5387"
          },
          {
            "name": "symantec-tcp-seq-predict(12836)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
          },
          {
            "name": "855",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/855"
          },
          {
            "name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
            "refsource": "CONFIRM",
            "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1463"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
            },
            {
              "name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
            },
            {
              "name": "5387",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/5387"
            },
            {
              "name": "855",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/855"
            },
            {
              "name": "symantec-tcp-seq-predict(12836)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-10-10T01:30Z",
      "publishedDate": "2003-06-09T04:00Z"
    }
  }
}

VAR-200306-0129

Vulnerability from variot - Updated: 2023-12-18 11:41

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. Symantec produces a range of hardware and software firewall products. A number of these products have been reported to have a vulnerability related to the creation of TCP Initial Sequence Numbers (ISNs). Reportedly, vulnerable products will reuse ISN values for connections with the same source and destination IP and port, over a limited time period. An attacker able to gain knowledge of this ISN may spoof new connections from the specified IP address, or inject data into legitimate connections. Remote attackers can use this vulnerability to perform IP spoofing or data insertion attacks on the current connection. The firewall's application-layer protocol inspection technology can prevent session spoofing and hijacking through random TCP initial sequence numbers for new proxy connections. During this time, an attacker can capture the initial TCP handshake of an early session from a legitimate IP

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200306-0129",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "5300"
      },
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "7.0"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "model_1200"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "5110"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "model_1100"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "model_1000"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "5200"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "model_1300"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "model_700"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "model_500"
      },
      {
        "model": "raptor firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "6.5"
      },
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "6.5.2"
      },
      {
        "model": "raptor firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "6.5.3"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.5"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.1"
      },
      {
        "model": "velociraptor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "raptor firewall solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "6.5.3"
      },
      {
        "model": "raptor firewall windows nt",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "6.5"
      },
      {
        "model": "ghost corporate edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.5"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "52001.0"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "51101.0"
      },
      {
        "model": "enterprise firewall solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.0"
      },
      {
        "model": "enterprise firewall nt/2000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "7.0"
      },
      {
        "model": "enterprise firewall nt/2000",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "6.5.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "5387"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Kristof Philipsen\u203b kristof.philipsen@ubizen.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2002-1463",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": true,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-5848",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2002-1463",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200306-045",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-5848",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. Symantec produces a range of hardware and software firewall products. A number of these products have been reported to have a vulnerability related to the creation of TCP Initial Sequence Numbers (ISNs). \nReportedly, vulnerable products will reuse ISN values for connections with the same source and destination IP and port, over a limited time period. An attacker able to gain knowledge of this ISN may spoof new connections from the specified IP address, or inject data into legitimate connections. Remote attackers can use this vulnerability to perform IP spoofing or data insertion attacks on the current connection. The firewall\u0027s application-layer protocol inspection technology can prevent session spoofing and hijacking through random TCP initial sequence numbers for new proxy connections. During this time, an attacker can capture the initial TCP handshake of an early session from a legitimate IP",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "db": "BID",
        "id": "5387"
      },
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      }
    ],
    "trust": 1.26
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-5848",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "5387",
        "trust": 2.0
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1463",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "855",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "12836",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20020802 SECURITY ADVISORY: RAPTOR FIREWALL WEAK ISN VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "19522",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-5848",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      },
      {
        "db": "BID",
        "id": "5387"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "id": "VAR-200306-0129",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:41:37.847000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/5387"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/855"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/12836"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      },
      {
        "db": "BID",
        "id": "5387"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-5848"
      },
      {
        "db": "BID",
        "id": "5387"
      },
      {
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2003-06-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-5848"
      },
      {
        "date": "2002-08-02T00:00:00",
        "db": "BID",
        "id": "5387"
      },
      {
        "date": "2003-06-09T04:00:00",
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "date": "2002-08-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-5848"
      },
      {
        "date": "2002-08-02T00:00:00",
        "db": "BID",
        "id": "5387"
      },
      {
        "date": "2017-10-10T01:30:12.813000",
        "db": "NVD",
        "id": "CVE-2002-1463"
      },
      {
        "date": "2005-05-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple Symantec Product initialization TCP Serial number is not strong enough",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "5387"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200306-045"
      }
    ],
    "trust": 0.9
  }
}

FKIE_CVE-2002-1463

Vulnerability from fkie_nvd - Published: 2003-06-09 04:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/855
cve@mitre.org	http://www.securityfocus.com/bid/5387
cve@mitre.org	http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/12836
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/855
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/5387
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/12836

Impacted products

Vendor	Product	Version
symantec	enterprise_firewall	6.5.2
symantec	enterprise_firewall	7.0
symantec	raptor_firewall	6.5
symantec	raptor_firewall	6.5.3
symantec	velociraptor	model_500
symantec	velociraptor	model_700
symantec	velociraptor	model_1000
symantec	velociraptor	model_1100
symantec	velociraptor	model_1200
symantec	velociraptor	model_1300
symantec	gateway_security	5110
symantec	gateway_security	5200
symantec	gateway_security	5300

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60CD39A5-0059-4E17-8F4F-58F23589A408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B40C3E-2794-4310-97BC-D80069992C87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2678E925-06BD-4C3F-8223-93E070B4035E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "53477F8E-F387-4266-88B7-1B1022E74F2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BE710F1-F3AD-423B-A0DB-78D5F809D62E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4F0486F-3101-4D7B-83C2-8E9F31802504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
              "matchCriteriaId": "155FE168-A185-4D4D-923B-207F0B26EE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB06031-2EF6-4E45-977D-F28D538FB773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
              "matchCriteriaId": "30475DFE-D476-4A6C-B851-139E927BAA25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E42EDB2-616D-4915-9E41-7D80F32E4901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D1175AC-9310-4804-8FB3-2F988F55BD09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF09575E-83D3-4772-816B-7D639B1C32A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
    },
    {
      "lang": "es",
      "value": "Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias num\u00e9ricas iniciales (ISN) f\u00e1cilmente predecibles, lo que permitir\u00eda a atacantes remotos falsear conexiones."
    }
  ],
  "id": "CVE-2002-1463",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-06-09T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/855"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/5387"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/5387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2002-1463 (GCVE-0-2002-1463)

GHSA-QMX6-X96X-XP97

GSD-2002-1463

VAR-200306-0129

FKIE_CVE-2002-1463

Tags

Sightings

Nomenclature