Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2002-0990

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.

Published

2002-10-28T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application symantec enterprise_firewall 6.5.2 Yes
Application symantec enterprise_firewall 7.0 Yes
Application symantec enterprise_firewall 7.0 Yes
Application symantec raptor_firewall 6.5 Yes
Application symantec raptor_firewall 6.5.3 Yes
Application symantec velociraptor 500 Yes
Application symantec velociraptor 700 Yes
Application symantec velociraptor 1000 Yes
Application symantec velociraptor 1100 Yes
Application symantec velociraptor 1200 Yes
Application symantec velociraptor 1300 Yes
Hardware symantec gateway_security 5110 Yes
Hardware symantec gateway_security 5200 Yes
Hardware symantec gateway_security 5300 Yes
References