CVE-2002-0891

NetScreen ScreenOS < 2.6.1r8, 2.8.x, < 3.0.3r1 - Denial of Service via Long Username

Title source: llm

Description

The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.

References (4)

Core 4

Core References

Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/9186.php

Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/4842

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://online.securityfocus.com/archive/1/274240

Various Sources x_refsource_confirm

http://www.netscreen.com/support/ns25_reboot.html

Scores

EPSS 0.0067

EPSS Percentile 71.6%

Details

Status published

Products (23)

juniper/netscreen_screenos 2.5

juniper/netscreen_screenos 2.5r1

juniper/netscreen_screenos 2.5r2

juniper/netscreen_screenos 2.5r6

juniper/netscreen_screenos 2.6.1

juniper/netscreen_screenos 2.6.1r1

juniper/netscreen_screenos 2.6.1r2

juniper/netscreen_screenos 2.6.1r3

juniper/netscreen_screenos 2.6.1r4

juniper/netscreen_screenos 2.6.1r5

... and 13 more

Published Oct 04, 2002

Tracked Since Feb 18, 2026