CVE-2002-0990

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.

Published: Oct 28, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0990
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / velociraptor	500	500.x
symantec / enterprise_firewall	6.5.2	6.5.2.x
symantec / raptor_firewall	6.5	6.5.x
symantec / velociraptor	700	700.x
symantec / velociraptor	1100	1100.x
symantec / raptor_firewall	6.5.3	6.5.3.x
symantec / velociraptor	1200	1200.x
symantec / velociraptor	1300	1300.x
symantec / enterprise_firewall	7.0	7.0.x
symantec / velociraptor	1000	1000.x
symantec / gateway_security	5110	5110.x
symantec / gateway_security	5300	5300.x
symantec / gateway_security	5200	5200.x

Vulnerability Database

289,697

CVE-2002-0990