VAR-200212-0811
Vulnerability from variot - Updated: 2023-12-18 12:33Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. The problem is in the handling of spoofed traffic. Under some circumstances, it is possible for remote users to deny service to various sites for users of PC Firewall software. By sending spoofed traffic that could be deemed malicious by the firewall software package, an attacker could effectively limit the sites a system is capable of reaching. Many PC firewalls have the function of automatically blocking malicious attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0811",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "norton personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "2002"
},
{
"model": "labs anti-hacker",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "1.0"
},
{
"model": "security systems blackice server protection cdf",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "3.5"
},
{
"model": "security systems blackice defender cap",
"scope": "eq",
"trust": 0.3,
"vendor": "internet",
"version": "2.9"
}
],
"sources": [
{
"db": "BID",
"id": "5917"
},
{
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_personal_firewall:2002:4.0:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2336"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yiming Gong\u203b yiming@security.zz.ha.cn",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2336",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-6719",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2336",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-557",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6719",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6719"
},
{
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. The problem is in the handling of spoofed traffic. \nUnder some circumstances, it is possible for remote users to deny service to various sites for users of PC Firewall software. By sending spoofed traffic that could be deemed malicious by the firewall software package, an attacker could effectively limit the sites a system is capable of reaching. Many PC firewalls have the function of automatically blocking malicious attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"db": "BID",
"id": "5917"
},
{
"db": "VULHUB",
"id": "VHN-6719"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-6719",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6719"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5917",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2336",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-557",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20021008 MULTIPLE VENDOR PC FIREWALL REMOTE DENIAL OF SERVICES VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021008 RE: MULTIPLE VENDOR PC FIREWALL REMOTE DENIAL OF SERVICES VULNERABILITY",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3634",
"trust": 0.6
},
{
"db": "XF",
"id": "10314",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-75733",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21915",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6719",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6719"
},
{
"db": "BID",
"id": "5917"
},
{
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"id": "VAR-200212-0811",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6719"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:33:09.437000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-16",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6719"
},
{
"db": "NVD",
"id": "CVE-2002-2336"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5917"
},
{
"trust": 1.7,
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10314.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3634"
},
{
"trust": 0.3,
"url": "/archive/1/315631"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6719"
},
{
"db": "BID",
"id": "5917"
},
{
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6719"
},
{
"db": "BID",
"id": "5917"
},
{
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6719"
},
{
"date": "2002-10-08T00:00:00",
"db": "BID",
"id": "5917"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"date": "2002-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6719"
},
{
"date": "2002-10-08T00:00:00",
"db": "BID",
"id": "5917"
},
{
"date": "2008-09-05T20:32:57.570000",
"db": "NVD",
"id": "CVE-2002-2336"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PC Firewall automatically blocks operation remote denial of service attack vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "configuration error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-557"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…