Vulnerability Description
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Enterprise Firewall | 6.5.2 |
| Symantec | Raptor Firewall | 6.5 |
| Symantec | Velociraptor | 500 |
| Symantec | Gateway Security | 5110 |
References
- http://marc.info/?l=bugtraq&m=103463869503124&w=2
- http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.htmlPatchVendor Advisory
- http://www.iss.net/security_center/static/10364.phpVendor Advisory
- http://www.securityfocus.com/bid/5958
- http://marc.info/?l=bugtraq&m=103463869503124&w=2
- http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.htmlPatchVendor Advisory
- http://www.iss.net/security_center/static/10364.phpVendor Advisory
- http://www.securityfocus.com/bid/5958
FAQ
What is CVE-2002-0990?
CVE-2002-0990 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of ...
How severe is CVE-2002-0990?
CVE-2002-0990 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0990?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Enterprise Firewall, Symantec Raptor Firewall, Symantec Velociraptor, Symantec Gateway Security.