CVE-2002-1979

WatchGuard SOHO < 5.1.6 and Vclass/RSSA < 3.2 SP1 - Firewall Rule Bypass via FTP PASV Command Injection

Title source: llm
STIX 2.1

Description

WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

References (2)

Core 2
Core References
Patch x_refsource_confirm
http://www.kb.cert.org/vuls/id/AAMN-5EQR65
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/328867

Scores

EPSS 0.0154
EPSS Percentile 72.0%

Details

CWE
CWE-20
Status published
Products (3)
watchguard/legacy_rssa < 3.2_sp1
watchguard/soho < 5.1.6
watchguard/vclass < 3.2_sp1
Published Dec 31, 2002
Tracked Since Feb 18, 2026