VAR-200210-0165
Vulnerability from variot - Updated: 2023-12-18 14:07The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. A denial of service vulnerability has been reported in this component. According to the report, the proxy blocks while attempting to resolve hostnames specified in CONNECT requests. While this is occuring, requests from other clients are not handled. This behaviour can be exploited to cause a denial of service condition. There is a problem when the WEB proxy service program of the firewall handles non-existing internal URLs. By submitting non-existent or wrong internal URL requests multiple times, the proxy service program may time out for a period of time without responding to subsequent proxy request connections, resulting in Denial of service attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0165",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "500"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "1300"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "1200"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "1000"
},
{
"model": "raptor firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.2"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "raptor firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.3"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "5200"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "700"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "1100"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "5300"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "5110"
},
{
"model": "raptor firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.3"
},
{
"model": "raptor firewall windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "52001.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "51101.0"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.2"
}
],
"sources": [
{
"db": "BID",
"id": "5958"
},
{
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:1200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:1300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:1000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:1100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0990"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AI-SEC Security Advisories\u203b advisories@ai-sec.dk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0990",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5379",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0990",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-292",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5379",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5379"
},
{
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. A denial of service vulnerability has been reported in this component. According to the report, the proxy blocks while attempting to resolve hostnames specified in CONNECT requests. While this is occuring, requests from other clients are not handled. This behaviour can be exploited to cause a denial of service condition. There is a problem when the WEB proxy service program of the firewall handles non-existing internal URLs. By submitting non-existent or wrong internal URL requests multiple times, the proxy service program may time out for a period of time without responding to subsequent proxy request connections, resulting in Denial of service attack",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"db": "BID",
"id": "5958"
},
{
"db": "VULHUB",
"id": "VHN-5379"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5958",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-0990",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20021014 MULTIPLE SYMANTEC FIREWALL SECURE WEBSERVER TIMEOUT DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "10364",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5379",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5379"
},
{
"db": "BID",
"id": "5958"
},
{
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"id": "VAR-200210-0165",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5379"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:07:04.740000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0990"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5958"
},
{
"trust": 1.7,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2002.10.11.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103463869503124\u0026w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5379"
},
{
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5379"
},
{
"db": "BID",
"id": "5958"
},
{
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-28T00:00:00",
"db": "VULHUB",
"id": "VHN-5379"
},
{
"date": "2002-10-14T00:00:00",
"db": "BID",
"id": "5958"
},
{
"date": "2002-10-28T05:00:00",
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"date": "2002-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-5379"
},
{
"date": "2009-07-11T18:06:00",
"db": "BID",
"id": "5958"
},
{
"date": "2016-10-18T02:23:21.303000",
"db": "NVD",
"id": "CVE-2002-0990"
},
{
"date": "2005-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Symantec Firewall Secure Webserver Error Request Remote Denial of Service Attack Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "5958"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-292"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…