VAR-200212-0740
Vulnerability from variot - Updated: 2023-12-18 12:53Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). A vulnerability has been reported for Symantec Enterprise Firewall. A buffer overflow vulnerability occurs in the RealAudio Proxy installed on Symantec Enterprise Firewall. Reportedly when the Proxy is sent a specially formatted stream of data, it will trigger a buffer overflow condition. An attacker can exploit this vulnerability and send a specially crafted stream of data to the Proxy . This will result in a local buffer to be overrun with attacker supplied values and will trigger the buffer overflow condition. Although unconfirmed, it may be possible for an attacker to gain control over the execution of the vulnerable RealAudio Proxy process. There is a problem in the RealAudio proxy service program when processing special scans. Remote attackers can use this vulnerability to carry out buffer overflow attacks, which can cause denial of service attacks on the system. When scanning firewalls with the Qualys tool, the rad (RealAudio) and statsd (statistics) services were incorrectly terminated. Dr. Watson can record this core dump, scanning the sent data can cause the RealAudio service to destroy the buffer, and the statistical service, statsd, will stop responding due to an access violation. All other services function normally
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0740",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "raptor firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5.2"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "model_1200"
},
{
"model": "raptor firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5.3"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "model_1100"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "model_1000"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "model_1300"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "model_700"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "model_500"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.9,
"vendor": "symantec",
"version": "5300"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "5110_1.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "5200_1.0"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "700"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "500"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1300"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1200"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1100"
},
{
"model": "velociraptor",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1000"
},
{
"model": "raptor firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.3"
},
{
"model": "raptor firewall windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "52001.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "51101.0"
},
{
"model": "enterprise firewall solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "enterprise firewall nt/2000",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.2"
}
],
"sources": [
{
"db": "BID",
"id": "6389"
},
{
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2294"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2294",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6677",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2294",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-432",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6677",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6677"
},
{
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). A vulnerability has been reported for Symantec Enterprise Firewall. A buffer overflow vulnerability occurs in the RealAudio Proxy installed on Symantec Enterprise Firewall. Reportedly when the Proxy is sent a specially formatted stream of data, it will trigger a buffer overflow condition. \nAn attacker can exploit this vulnerability and send a specially crafted stream of data to the Proxy . This will result in a local buffer to be overrun with attacker supplied values and will trigger the buffer overflow condition. \nAlthough unconfirmed, it may be possible for an attacker to gain control over the execution of the vulnerable RealAudio Proxy process. There is a problem in the RealAudio proxy service program when processing special scans. Remote attackers can use this vulnerability to carry out buffer overflow attacks, which can cause denial of service attacks on the system. When scanning firewalls with the Qualys tool, the rad (RealAudio) and statsd (statistics) services were incorrectly terminated. Dr. Watson can record this core dump, scanning the sent data can cause the RealAudio service to destroy the buffer, and the statistical service, statsd, will stop responding due to an access violation. All other services function normally",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"db": "BID",
"id": "6389"
},
{
"db": "VULHUB",
"id": "VHN-6677"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "6389",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2294",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-432",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "4055",
"trust": 0.6
},
{
"db": "XF",
"id": "10862",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6677",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6677"
},
{
"db": "BID",
"id": "6389"
},
{
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"id": "VAR-200212-0740",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6677"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:50.811000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6677"
},
{
"db": "NVD",
"id": "CVE-2002-2294"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6389"
},
{
"trust": 1.7,
"url": "http://www.symantec.com/avcenter/security/content/2002.12.12.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/10862"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/4055"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2002.12.12.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6677"
},
{
"db": "BID",
"id": "6389"
},
{
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6677"
},
{
"db": "BID",
"id": "6389"
},
{
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6677"
},
{
"date": "2002-12-13T00:00:00",
"db": "BID",
"id": "6389"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-6677"
},
{
"date": "2002-12-13T00:00:00",
"db": "BID",
"id": "6389"
},
{
"date": "2017-07-29T01:29:03.997000",
"db": "NVD",
"id": "CVE-2002-2294"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Enterprise Firewall RealAudio Proxy remote buffer overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-432"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…