Denial of Service Vulnerability in Symantec Enterprise Firewall and Raptor Firewall
CVE-2002-0990

Currently unrated

Key Information:

Vendor: Symantec
Status: Velociraptor; Enterprise Firewall; Raptor Firewall
Vendor: CVE Published:; 28 October 2002

Summary

The web proxy component in various Symantec firewall products is susceptible to a denial of service condition, allowing remote attackers to deplete connection resources. This occurs when multiple connection requests are sent to unresponsive or nonexistent DNS servers, resulting in excessive timeout periods that render the affected firewall unable to process legitimate traffic effectively.

References

http://www.iss.net/security_center/static/10364.php

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=103463869503124&w=2

mailing-listx_refsource_BUGTRAQ

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 28, 2002
Vulnerability Reserved
Aug 27, 2002