Vulnerability Description
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Netscreen Screenos | 2.7.1 |
References
- http://www.iss.net/security_center/static/10449.php
- http://www.kb.cert.org/vuls/id/539363Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/6023
- http://www.iss.net/security_center/static/10449.php
- http://www.kb.cert.org/vuls/id/539363Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/6023
FAQ
What is CVE-2002-2150?
CVE-2002-2150 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP...
How severe is CVE-2002-2150?
CVE-2002-2150 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2150?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Netscreen Screenos.