CVE-2002-2294 : Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise

Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).

Published 2002-12-31 05:00:00

Updated 2017-07-29 01:29:04

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Products affected by CVE-2002-2294

Symantec » Raptor Firewall » Version: 6.5.3 Solaris Edition
cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:solaris:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Raptor Firewall » Version: 6.5 Windows Nt Edition
cpe:2.3:a:symantec:raptor_firewall:6.5:*:windows_nt:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Enterprise Firewall » Version: 6.5.2 Windows 2000 Nt Edition
cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:windows_2000_nt:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Enterprise Firewall » Version: 7.0 Windows 2000 Nt Edition
cpe:2.3:a:symantec:enterprise_firewall:7.0:*:windows_2000_nt:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Enterprise Firewall » Version: 7.0 Solaris Edition
cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Velociraptor » Version: Model 500
cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Velociraptor » Version: Model 700
cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Velociraptor » Version: Model 1200
cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Velociraptor » Version: Model 1300
cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Velociraptor » Version: Model 1000
cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300
Symantec » Velociraptor » Version: Model 1100
cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*
Matching versions
When used together with: Symantec » Gateway Security » Version: 5110 1.0
When used together with: Symantec » Gateway Security » Version: 5200 1.0
When used together with: Symantec » Gateway Security » Version: 5300

Exploit prediction scoring system (EPSS) score for CVE-2002-2294

EPSS FAQ

1.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 77 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-2294

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2002-2294

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2002-2294

Jump to

Vulnerability Details : CVE-2002-2294

Products affected by CVE-2002-2294

Exploit prediction scoring system (EPSS) score for CVE-2002-2294

CVSS scores for CVE-2002-2294

CWE ids for CVE-2002-2294

References for CVE-2002-2294