CVE-2002-2150

Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-2150
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
juniper / netscreen_screenos	2.7.1	2.7.1.x
juniper / netscreen_screenos	2.10_r4	2.10_r4.x
juniper / netscreen_screenos	3.0.3_r1.1	3.0.3_r1.1.x
juniper / netscreen_screenos	3.0.1r2	3.0.1r2.x
juniper / netscreen_screenos	2.10_r3	2.10_r3.x
juniper / netscreen_screenos	2.7.1r3	2.7.1r3.x
juniper / netscreen_screenos	2.7.1r1	2.7.1r1.x
juniper / netscreen_screenos	2.7.1r2	2.7.1r2.x
juniper / netscreen_screenos	3.0.1r1	3.0.1r1.x

http://www.iss.net/security_center/static/10449.php
http://www.kb.cert.org/vuls/id/539363
http://www.securityfocus.com/bid/6023

Vulnerability Database

289,697

CVE-2002-2150