Lucene search

MitreCVE-2002-2266

HistoryOct 18, 2007 - 10:00 a.m.

CVE-2002-2266

2007-10-1810:00:00

mitre

web.nvd.nist.gov

cve-2002-2266

netscreen

screenos

denial of service

firewall

h.323

netmeeting

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

High

EPSS

0.011

Percentile

85.0%

JSON

NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours.

Affected configurations

Nvd

Node

netscreenscreenosMatch2.8

netscreenscreenosMatch3.0

netscreenscreenosMatch3.1

netscreenscreenosMatch4.0

VendorProductVersionCPE
netscreenscreenos2.8cpe:2.3:a:netscreen:screenos:2.8:*:*:*:*:*:*:*
netscreenscreenos3.0cpe:2.3:a:netscreen:screenos:3.0:*:*:*:*:*:*:*
netscreenscreenos3.1cpe:2.3:a:netscreen:screenos:3.1:*:*:*:*:*:*:*
netscreenscreenos4.0cpe:2.3:a:netscreen:screenos:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netscreen	screenos	2.8	cpe:2.3:a:netscreen:screenos:2.8:::::::*
netscreen	screenos	3.0	cpe:2.3:a:netscreen:screenos:3.0:::::::*
netscreen	screenos	3.1	cpe:2.3:a:netscreen:screenos:3.1:::::::*
netscreen	screenos	4.0	cpe:2.3:a:netscreen:screenos:4.0:::::::*

References

marc.info/?l=bugtraq&m=103827647621729&w=2

www.securityfocus.com/bid/6250

exchange.xforce.ibmcloud.com/vulnerabilities/10700

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.2

Confidence

High

EPSS

0.011

Percentile

85.0%

JSON

Related for CVE-2002-2266