Vulnerability Details CVE-2002-0990
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=103463869503124&w=2
- http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html
- http://www.iss.net/security_center/static/10364.php
- http://www.securityfocus.com/bid/5958
- http://marc.info/?l=bugtraq&m=103463869503124&w=2
- http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html
- http://www.iss.net/security_center/static/10364.php
- http://www.securityfocus.com/bid/5958
Products affected by CVE-2002-0990
-
cpe:2.3:a:symantec:enterprise_firewall:6.5.2
-
cpe:2.3:a:symantec:enterprise_firewall:7.0
-
cpe:2.3:a:symantec:raptor_firewall:6.5
-
cpe:2.3:a:symantec:raptor_firewall:6.5.3
-
cpe:2.3:a:symantec:velociraptor:1000
-
cpe:2.3:a:symantec:velociraptor:1100
-
cpe:2.3:a:symantec:velociraptor:1200
-
cpe:2.3:a:symantec:velociraptor:1300
-
cpe:2.3:a:symantec:velociraptor:500
-
cpe:2.3:a:symantec:velociraptor:700
-
cpe:2.3:h:symantec:gateway_security:5110
-
cpe:2.3:h:symantec:gateway_security:5200
-
cpe:2.3:h:symantec:gateway_security:5300