CVE-2002-1463 – Linux Kernel 2.2 - Predictable TCP Initial Sequence Number
https://notcve.org/view.php?id=CVE-2002-1463
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias numéricas iniciales (ISN) fácilmente predecibles, lo que permitiría a atacantes remotos falsear conexiones. • https://www.exploit-db.com/exploits/19522 http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html http://www.osvdb.org/855 http://www.securityfocus.com/bid/5387 http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html https://exchange.xforce.ibmcloud.com/vulnerabilities/12836 •
CVE-2002-1535
https://notcve.org/view.php?id=CVE-2002-1535
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present. Secure Webserver 1.1 en Raptor 6.5 y Symantec Enterprise Firewall 6.5.2 permite a atacantes remotos la identificación de direcciones IP de equipos en red mediante una petición CONNECT, que genera un mensajes de error distinto en caso de que el equipo este presente. • http://archives.neohapsis.com/archives/bugtraq/2002-10/0190.html http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html http://www.iss.net/security_center/static/10363.php http://www.securityfocus.com/bid/5959 •
CVE-2002-2294
https://notcve.org/view.php?id=CVE-2002-2294
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). • http://www.securityfocus.com/bid/6389 http://www.symantec.com/avcenter/security/Content/2002.12.12.html https://exchange.xforce.ibmcloud.com/vulnerabilities/10862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2002-0990
https://notcve.org/view.php?id=CVE-2002-0990
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. El componente de proxy web en Symantec Enterprise Firewall (SEF) 6.5.2 a 7.0, Raptor Firewall 6.5 y 6.5.3, VelociRaptor, y Symantec Gateway Security permite a atacantes remotos causar una denegación de servicio (agotamiento de recursos de conexiones) mediante múltiples peticiones de conexión a dominios cuyo servidor DNS no responda o no exista, lo que genera una larga espera. • http://marc.info/?l=bugtraq&m=103463869503124&w=2 http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html http://www.iss.net/security_center/static/10364.php http://www.securityfocus.com/bid/5958 •
CVE-2002-0538
https://notcve.org/view.php?id=CVE-2002-0538
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0166.html http://archives.neohapsis.com/archives/bugtraq/2002-04/0224.html http://securityresponse.symantec.com/avcenter/security/Content/2002.04.17.html http://www.iss.net/security_center/static/8847.php http://www.securityfocus.com/bid/4522 •