CVE-2002-0990
Symantec Enterprise Firewall 6.5.2-7.0 - Denial of Service via DNS Timeout Exhaustion
Title source: llmDescription
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
References (4)
Core 4
Core References
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10364.php
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103463869503124&w=2
Patch, Vendor Advisory x_refsource_confirm
http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5958
Scores
EPSS
0.0107
EPSS Percentile
78.0%
Details
Status
published
Products (13)
symantec/enterprise_firewall
6.5.2
symantec/enterprise_firewall
7.0 (2 CPE variants)
symantec/gateway_security
5110
symantec/gateway_security
5200
symantec/gateway_security
5300
symantec/raptor_firewall
6.5
symantec/raptor_firewall
6.5.3
symantec/velociraptor
500
symantec/velociraptor
700
symantec/velociraptor
1000
... and 3 more
Published
Oct 28, 2002
Tracked Since
Feb 18, 2026