Vulnerability Details CVE-2002-2234
NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html
- http://www.iss.net/security_center/static/10699.php
- http://www.securityfocus.com/bid/6245
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html
- http://www.iss.net/security_center/static/10699.php
- http://www.securityfocus.com/bid/6245
Products affected by CVE-2002-2234
-
cpe:2.3:a:netscreen:screenos:2.7.1
-
cpe:2.3:a:netscreen:screenos:2.8
-
cpe:2.3:a:netscreen:screenos:3.0
-
cpe:2.3:a:netscreen:screenos:3.1
-
cpe:2.3:a:netscreen:screenos:4.0