Lucene search

MitreCVE-2002-2150

HistoryNov 16, 2005 - 9:17 p.m.

CVE-2002-2150

2005-11-1621:17:00

mitre

web.nvd.nist.gov

firewalls

state tables

flood attacks

tcp syn flood

udp flood

crikey crc flood

nvd

cve-2002-2150

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

Low

EPSS

0.012

Percentile

85.6%

JSON

Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.

Affected configurations

Nvd

Node

junipernetscreen_screenosMatch2.7.1

junipernetscreen_screenosMatch2.7.1r1

junipernetscreen_screenosMatch2.7.1r2

junipernetscreen_screenosMatch2.7.1r3

junipernetscreen_screenosMatch2.10_r3

junipernetscreen_screenosMatch2.10_r4

junipernetscreen_screenosMatch3.0.1r1

junipernetscreen_screenosMatch3.0.1r2

junipernetscreen_screenosMatch3.0.3_r1.1

VendorProductVersionCPE
junipernetscreen_screenos2.7.1cpe:2.3:o:juniper:netscreen_screenos:2.7.1:*:*:*:*:*:*:*
junipernetscreen_screenos2.7.1r1cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:*:*:*:*:*:*:*
junipernetscreen_screenos2.7.1r2cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:*:*:*:*:*:*:*
junipernetscreen_screenos2.7.1r3cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:*:*:*:*:*:*:*
junipernetscreen_screenos2.10_r3cpe:2.3:o:juniper:netscreen_screenos:2.10_r3:*:*:*:*:*:*:*
junipernetscreen_screenos2.10_r4cpe:2.3:o:juniper:netscreen_screenos:2.10_r4:*:*:*:*:*:*:*
junipernetscreen_screenos3.0.1r1cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:*:*:*:*:*:*:*
junipernetscreen_screenos3.0.1r2cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:*:*:*:*:*:*:*
junipernetscreen_screenos3.0.3_r1.1cpe:2.3:o:juniper:netscreen_screenos:3.0.3_r1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	netscreen_screenos	2.7.1	cpe:2.3:o:juniper:netscreen_screenos:2.7.1:::::::*
juniper	netscreen_screenos	2.7.1r1	cpe:2.3:o:juniper:netscreen_screenos:2.7.1r1:::::::*
juniper	netscreen_screenos	2.7.1r2	cpe:2.3:o:juniper:netscreen_screenos:2.7.1r2:::::::*
juniper	netscreen_screenos	2.7.1r3	cpe:2.3:o:juniper:netscreen_screenos:2.7.1r3:::::::*
juniper	netscreen_screenos	2.10_r3	cpe:2.3:o:juniper:netscreen_screenos:2.10_r3:::::::*
juniper	netscreen_screenos	2.10_r4	cpe:2.3:o:juniper:netscreen_screenos:2.10_r4:::::::*
juniper	netscreen_screenos	3.0.1r1	cpe:2.3:o:juniper:netscreen_screenos:3.0.1r1:::::::*
juniper	netscreen_screenos	3.0.1r2	cpe:2.3:o:juniper:netscreen_screenos:3.0.1r2:::::::*
juniper	netscreen_screenos	3.0.3_r1.1	cpe:2.3:o:juniper:netscreen_screenos:3.0.3_r1.1:::::::*

References

www.iss.net/security_center/static/10449.php

www.kb.cert.org/vuls/id/539363

www.securityfocus.com/bid/6023

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

Low

EPSS

0.012

Percentile

85.6%

JSON

Related for CVE-2002-2150