VAR-200210-0124
Vulnerability from variot - Updated: 2023-12-18 13:41Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. A denial of service vulnerability has been reported for WatchGuard Firebox firmware versions 5.x.x. The vulnerability occurs in the DVCP service. WatchGuard Firebox is a firewall for small and medium-sized business offices produced by WatchGuard in the United States. DVCP protocol The protocol used by the WatchGuard Firebox system to transmit IPSec VPN configuration information on the client server. The firewall needs to be restarted to use the DVCP service function again
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0124",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "5.0.35"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "5.0.31"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "5.0.29"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "5.0.28"
},
{
"model": "firebox",
"scope": "eq",
"trust": 1.9,
"vendor": "watchguard",
"version": "5.0"
},
{
"model": "soho firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "watchguard",
"version": "5.0.35a"
},
{
"model": "soho firewall a",
"scope": "eq",
"trust": 0.3,
"vendor": "watchguard",
"version": "5.0.35"
},
{
"model": "firebox .b1140",
"scope": "ne",
"trust": 0.3,
"vendor": "watchguard",
"version": "6.0"
}
],
"sources": [
{
"db": "BID",
"id": "5186"
},
{
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:watchguard:firebox:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:5.0.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:5.0.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:5.0.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:5.0.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:watchguard:soho_firewall:5.0.35a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1046"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Gr\u00fcndl\u203b pgrundl@kpmg.dk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1046",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5435",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1046",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-195",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5435",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5435"
},
{
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. A denial of service vulnerability has been reported for WatchGuard Firebox firmware versions 5.x.x. The vulnerability occurs in the DVCP service. WatchGuard Firebox is a firewall for small and medium-sized business offices produced by WatchGuard in the United States. DVCP protocol The protocol used by the WatchGuard Firebox system to transmit IPSec VPN configuration information on the client server. The firewall needs to be restarted to use the DVCP service function again",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"db": "BID",
"id": "5186"
},
{
"db": "VULHUB",
"id": "VHN-5435"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5186",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1046",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200210-195",
"trust": 0.7
},
{
"db": "VULNWATCH",
"id": "20020709 KPMG-2002030: WATCHGUARD FIREBOX DYNAMIC VPN CONFIGURATION PROTOCOL DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "9509",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5435",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5435"
},
{
"db": "BID",
"id": "5186"
},
{
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"id": "VAR-200210-0124",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5435"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:41:03.956000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1046"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5186"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0012.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9509.php"
},
{
"trust": 0.3,
"url": "http://www.watchguard.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5435"
},
{
"db": "BID",
"id": "5186"
},
{
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5435"
},
{
"db": "BID",
"id": "5186"
},
{
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-04T00:00:00",
"db": "VULHUB",
"id": "VHN-5435"
},
{
"date": "2002-07-09T00:00:00",
"db": "BID",
"id": "5186"
},
{
"date": "2002-10-04T04:00:00",
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"date": "2002-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5435"
},
{
"date": "2002-07-09T00:00:00",
"db": "BID",
"id": "5186"
},
{
"date": "2008-09-05T20:29:38.270000",
"db": "NVD",
"id": "CVE-2002-1046"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Watchdog Firebox dynamic VPN Configuration Protocol Remote Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-195"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…