Vulnerabilites related to symantec - velociraptor
CVE-2002-0990 (GCVE-0-2002-0990)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "simple-webserver-url-dos(10364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "simple-webserver-url-dos(10364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "simple-webserver-url-dos(10364)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0990",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-27T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2317 (GCVE-0-2002-2317)
Vulnerability from cvelistv5
Published
2007-10-26 19:00
Modified
2024-09-16 20:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "velociraptor-memory-leak(10317)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10317.php"
},
{
"name": "5909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5909"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_velociraptor/sym_velociraptor_1/files.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-26T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "velociraptor-memory-leak(10317)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10317.php"
},
{
"name": "5909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5909"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_velociraptor/sym_velociraptor_1/files.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "velociraptor-memory-leak(10317)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10317.php"
},
{
"name": "5909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5909"
},
{
"name": "http://www.symantec.com/techsupp/enterprise/products/sym_velociraptor/sym_velociraptor_1/files.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_velociraptor/sym_velociraptor_1/files.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2317",
"datePublished": "2007-10-26T19:00:00Z",
"dateReserved": "2007-10-26T00:00:00Z",
"dateUpdated": "2024-09-16T20:53:13.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2294 (GCVE-0-2002-2294)
Vulnerability from cvelistv5
Published
2007-10-18 10:00
Modified
2024-08-08 03:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2294",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0369 (GCVE-0-2004-0369)
Vulnerability from cvelistv5
Published
2005-04-14 04:00
Modified
2024-08-08 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ESB-2004.0538",
"tags": [
"third-party-advisory",
"x_refsource_AUSCERT",
"x_transferred"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ESB-2004.0538",
"tags": [
"third-party-advisory",
"x_refsource_AUSCERT"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ESB-2004.0538",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0369",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2004-03-24T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0538 (GCVE-0-2002-0538)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:49:28.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4522",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4522"
},
{
"name": "20020415 Raptor Firewall FTP Bounce vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
},
{
"name": "raptor-firewall-ftp-bounce(8847)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8847.php"
},
{
"name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4522",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4522"
},
{
"name": "20020415 Raptor Firewall FTP Bounce vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
},
{
"name": "raptor-firewall-ftp-bounce(8847)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8847.php"
},
{
"name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4522"
},
{
"name": "20020415 Raptor Firewall FTP Bounce vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
},
{
"name": "raptor-firewall-ftp-bounce(8847)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8847.php"
},
{
"name": "20020417 Re: Raptor Firewall FTP Bounce vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0538",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T02:49:28.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0817 (GCVE-0-2005-0817)
Vulnerability from cvelistv5
Published
2005-03-20 05:00
Modified
2024-08-07 21:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sef-dns-spoofing(16423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14595"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sef-dns-spoofing(16423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14595"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sef-dns-spoofing(16423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"name": "http://www.isc.sans.org/diary.php?date=2005-03-04",
"refsource": "MISC",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14595"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0817",
"datePublished": "2005-03-20T05:00:00",
"dateReserved": "2005-03-20T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1463 (GCVE-0-2002-1463)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/855"
},
{
"name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1463",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2003-06-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 6.5.2 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | raptor_firewall | 6.5 | |
| symantec | raptor_firewall | 6.5.3 | |
| symantec | velociraptor | model_500 | |
| symantec | velociraptor | model_700 | |
| symantec | velociraptor | model_1000 | |
| symantec | velociraptor | model_1100 | |
| symantec | velociraptor | model_1200 | |
| symantec | velociraptor | model_1300 | |
| symantec | gateway_security | 5110 | |
| symantec | gateway_security | 5200 | |
| symantec | gateway_security | 5300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "60CD39A5-0059-4E17-8F4F-58F23589A408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "55B40C3E-2794-4310-97BC-D80069992C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2678E925-06BD-4C3F-8223-93E070B4035E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "53477F8E-F387-4266-88B7-1B1022E74F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE710F1-F3AD-423B-A0DB-78D5F809D62E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F0486F-3101-4D7B-83C2-8E9F31802504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
"matchCriteriaId": "155FE168-A185-4D4D-923B-207F0B26EE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB06031-2EF6-4E45-977D-F28D538FB773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
"matchCriteriaId": "30475DFE-D476-4A6C-B851-139E927BAA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
"matchCriteriaId": "7E42EDB2-616D-4915-9E41-7D80F32E4901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1175AC-9310-4804-8FB3-2F988F55BD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "FF09575E-83D3-4772-816B-7D639B1C32A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
},
{
"lang": "es",
"value": "Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias num\u00e9ricas iniciales (ISN) f\u00e1cilmente predecibles, lo que permitir\u00eda a atacantes remotos falsear conexiones."
}
],
"id": "CVE-2002-1463",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-06-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/855"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-07-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 6.5.2 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | raptor_firewall | 6.5 | |
| symantec | raptor_firewall | 6.5.3 | |
| symantec | velociraptor | 1.x | |
| symantec | gateway_security | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "0306D0E7-691F-46EB-9133-F585000476A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "8656778B-9299-436B-AF8A-64C042273751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "8D5B3D26-F6FB-4D38-99B5-4AAF8C62F82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D585A9BA-7F89-4382-95BB-823B83E5F222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4BBE1CA5-CDB0-4C9C-A6AB-0727C56E419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1.x:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA864B8-61DF-465F-A021-C8D6C9CB4827",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CAE17C6-FD3E-4846-A706-78246B37BFA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server\u0027s \"FTP PORT\" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the \"FTP bounce\" vulnerability."
}
],
"id": "CVE-2002-0538",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-07-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8847.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/8847.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4522"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 6.5.2 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | raptor_firewall | 6.5 | |
| symantec | raptor_firewall | 6.5.3 | |
| symantec | velociraptor | 500 | |
| symantec | velociraptor | 700 | |
| symantec | velociraptor | 1000 | |
| symantec | velociraptor | 1100 | |
| symantec | velociraptor | 1200 | |
| symantec | velociraptor | 1300 | |
| symantec | gateway_security | 5110 | |
| symantec | gateway_security | 5200 | |
| symantec | gateway_security | 5300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "0306D0E7-691F-46EB-9133-F585000476A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "8656778B-9299-436B-AF8A-64C042273751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "8D5B3D26-F6FB-4D38-99B5-4AAF8C62F82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D585A9BA-7F89-4382-95BB-823B83E5F222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4BBE1CA5-CDB0-4C9C-A6AB-0727C56E419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:500:*:*:*:*:*:*:*",
"matchCriteriaId": "DA052121-6694-4F90-BEE1-E5D987676A2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:700:*:*:*:*:*:*:*",
"matchCriteriaId": "3F2ADA6F-769B-441F-89B0-C66DDE1C0F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1000:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1D900E-FEB4-4EA7-A88F-84607A9BBAF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1100:*:*:*:*:*:*:*",
"matchCriteriaId": "107F69B6-8CFA-44F6-B6CA-AD54B5D194E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1200:*:*:*:*:*:*:*",
"matchCriteriaId": "639A972B-4D99-4E8A-885E-930779D65125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1300:*:*:*:*:*:*:*",
"matchCriteriaId": "849ABDDF-321F-43A3-9723-6B33907D8A52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
"matchCriteriaId": "7E42EDB2-616D-4915-9E41-7D80F32E4901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1175AC-9310-4804-8FB3-2F988F55BD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "FF09575E-83D3-4772-816B-7D639B1C32A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
},
{
"lang": "es",
"value": "El componente de proxy web en Symantec Enterprise Firewall (SEF) 6.5.2 a 7.0, Raptor Firewall 6.5 y 6.5.3, VelociRaptor, y Symantec Gateway Security permite a atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento de recursos de conexiones) mediante m\u00faltiples peticiones de conexi\u00f3n a dominios cuyo servidor DNS no responda o no exista, lo que genera una larga espera."
}
],
"id": "CVE-2002-0990",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5958"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | velociraptor | model_1300 | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5400 | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "55B40C3E-2794-4310-97BC-D80069992C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B7CF42-F93E-48E6-BCD2-30B357F80DDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
],
"id": "CVE-2005-0817",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14595"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013451"
},
{
"source": "cve@mitre.org",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | gateway_security | 5110_1.0 | |
| symantec | gateway_security | 5200_1.0 | |
| symantec | gateway_security | 5300 | |
| symantec | enterprise_firewall | 6.5.2 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | raptor_firewall | 6.5 | |
| symantec | raptor_firewall | 6.5.3 | |
| symantec | velociraptor | model_500 | |
| symantec | velociraptor | model_700 | |
| symantec | velociraptor | model_1000 | |
| symantec | velociraptor | model_1100 | |
| symantec | velociraptor | model_1200 | |
| symantec | velociraptor | model_1300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B647CBE-35DA-404C-BC71-0C378CC5CA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB8A732-3D37-4B96-8674-E03CC3826967",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "FF09575E-83D3-4772-816B-7D639B1C32A4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "0306D0E7-691F-46EB-9133-F585000476A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "8656778B-9299-436B-AF8A-64C042273751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "8D5B3D26-F6FB-4D38-99B5-4AAF8C62F82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D585A9BA-7F89-4382-95BB-823B83E5F222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4BBE1CA5-CDB0-4C9C-A6AB-0727C56E419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE710F1-F3AD-423B-A0DB-78D5F809D62E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F0486F-3101-4D7B-83C2-8E9F31802504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
"matchCriteriaId": "155FE168-A185-4D4D-923B-207F0B26EE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB06031-2EF6-4E45-977D-F28D538FB773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
"matchCriteriaId": "30475DFE-D476-4A6C-B851-139E927BAA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
],
"id": "CVE-2002-2294",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6389"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | velociraptor | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B27F6ABB-9186-41E6-935C-8499995BFB5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method."
}
],
"id": "CVE-2002-2317",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10317.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/5909"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_velociraptor/sym_velociraptor_1/files.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10317.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/5909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.symantec.com/techsupp/enterprise/products/sym_velociraptor/sym_velociraptor_1/files.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| entrust | entrust_libkmp_isakmp_library | * | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 7.0.4 | |
| symantec | enterprise_firewall | 7.0.4 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | velociraptor | 1.5 | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5400 | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302E62EC-C81E-4BD5-A8E0-0CC55F34BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "8656778B-9299-436B-AF8A-64C042273751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "78A16B88-E49B-4C4C-A82E-03511C99872D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "30BE919C-A7DF-46C3-BFF6-F0452F0FC434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C260200D-60D2-41E2-8F5C-50796EBBF8E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B7CF42-F93E-48E6-BCD2-30B357F80DDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
],
"id": "CVE-2004-0369",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11039"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}