CVE-2002-2150
Last modified
CVE-2002-2150 is a vulnerability of currently unknown severity. Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.. EPSS estimates a 1.99% chance of exploitation in the next 30 days.
Description
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Netscreen Screenos | 2.7.1 |
| Juniper | Netscreen Screenos | 2.7.1r1 |
| Juniper | Netscreen Screenos | 2.7.1r2 |
| Juniper | Netscreen Screenos | 2.7.1r3 |
| Juniper | Netscreen Screenos | 2.10_r3 |
| Juniper | Netscreen Screenos | 2.10_r4 |
| Juniper | Netscreen Screenos | 3.0.1r1 |
| Juniper | Netscreen Screenos | 3.0.1r2 |
| Juniper | Netscreen Screenos | 3.0.3_r1.1 |
References
- http://www.kb.cert.org/vuls/id/539363Third Party Advisory, US Government Resource
- http://www.kb.cert.org/vuls/id/539363Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2002-2150?
How severe is CVE-2002-2150?
How do I fix CVE-2002-2150?
Are you affected by CVE-2002-2150?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST