CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1979

WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.kb.cert.org/vuls/id/328867
http://www.kb.cert.org/vuls/id/AAMN-5EQR65
http://www.kb.cert.org/vuls/id/328867
http://www.kb.cert.org/vuls/id/AAMN-5EQR65

Products affected by CVE-2002-1979

Watchguard » Legacy Rssa » Version: Any

cpe:2.3:h:watchguard:legacy_rssa:*
Watchguard » Soho » Version: Any

cpe:2.3:h:watchguard:soho:*
Watchguard » Vclass » Version: Any

cpe:2.3:h:watchguard:vclass:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1979

Products

Pricing

Contact Us