Vulnerability Description
NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netscreen | Screenos | 2.7.1 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html
- http://www.iss.net/security_center/static/10699.php
- http://www.securityfocus.com/bid/6245Patch
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html
- http://www.iss.net/security_center/static/10699.php
- http://www.securityfocus.com/bid/6245Patch
FAQ
What is CVE-2002-2234?
CVE-2002-2234 is a vulnerability with a CVSS score of 4.3 (MEDIUM). NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests.
How severe is CVE-2002-2234?
CVE-2002-2234 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2234?
Check the references section above for vendor advisories and patch information. Affected products include: Netscreen Screenos.