VAR-200102-0006
Vulnerability from variot - Updated: 2023-12-18 11:20Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request. SOHO Firewall is an appliance firewall by Watchguard Technologies Inc. designed for Small Office/Home Office users. SOHO Firewall is susceptible to a trivial denial of service attack. Restarting the service is required in order to regain normal functionality. Watchguard has confirmed that this vulnerability could not be implemented to launch arbitrary code. Successful exploitation of this vulnerability could assist in the development of further attacks due to the elimination of a firewall defense
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200102-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "2.1.3"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "1.6"
},
{
"model": "soho firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "watchguard",
"version": "2.2.1"
}
],
"sources": [
{
"db": "BID",
"id": "2114"
},
{
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0895"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Steven Maks and Keith Jarvis of Internet Security Systems \u003cxforce@iss.net\u003e and posted to Bugtraq on December 14, 2000.",
"sources": [
{
"db": "BID",
"id": "2114"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
],
"trust": 0.9
},
"cve": "CVE-2000-0895",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-2465",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0895",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200102-074",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-2465",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2465"
},
{
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request. SOHO Firewall is an appliance firewall by Watchguard Technologies Inc. designed for Small Office/Home Office users. \nSOHO Firewall is susceptible to a trivial denial of service attack. Restarting the service is required in order to regain normal functionality. Watchguard has confirmed that this vulnerability could not be implemented to launch arbitrary code. \nSuccessful exploitation of this vulnerability could assist in the development of further attacks due to the elimination of a firewall defense",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"db": "BID",
"id": "2114"
},
{
"db": "VULHUB",
"id": "VHN-2465"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0895",
"trust": 2.0
},
{
"db": "BID",
"id": "2114",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "4403",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074",
"trust": 0.7
},
{
"db": "ISS",
"id": "20001214 MULTIPLE VULNERABILITIES IN THE WATCHGUARD SOHO FIREWALL",
"trust": 0.6
},
{
"db": "XF",
"id": "5218",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-2465",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2465"
},
{
"db": "BID",
"id": "2114"
},
{
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"id": "VAR-200102-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-2465"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:20:53.136000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0895"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/2114"
},
{
"trust": 1.7,
"url": "http://xforce.iss.net/alerts/advise70.php"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/4403"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5218"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/5218"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-2465"
},
{
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-2465"
},
{
"db": "BID",
"id": "2114"
},
{
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-2465"
},
{
"date": "2000-12-14T00:00:00",
"db": "BID",
"id": "2114"
},
{
"date": "2001-02-12T05:00:00",
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"date": "2001-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-2465"
},
{
"date": "2009-07-11T04:46:00",
"db": "BID",
"id": "2114"
},
{
"date": "2017-10-10T01:29:21.670000",
"db": "NVD",
"id": "CVE-2000-0895"
},
{
"date": "2006-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Watchguard SOHO Firewall is too large GET request DoS Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200102-074"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…