VAR-200212-0450
Vulnerability from variot - Updated: 2025-04-03 22:26The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305). It has been reported that NPW may not adequately filter packet fragments. In particular, denial of service attacks based on fragmented packets have been reported to work effectively against systems protected by NPW. This may happen even if the attacking address is entirely blocked from the system. These issues have not been confirmed
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0450",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "norton personal firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "2002"
}
],
"sources": [
{
"db": "BID",
"id": "4545"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Alfonso Fiore \u003cafiore@secure-edge.com\u003e.",
"sources": [
{
"db": "BID",
"id": "4545"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1779",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1779",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6162",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1779",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-430",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-6162",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2002-1779",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6162"
},
{
"db": "VULMON",
"id": "CVE-2002-1779"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The \"block fragmented IP Packets\" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305). \nIt has been reported that NPW may not adequately filter packet fragments. In particular, denial of service attacks based on fragmented packets have been reported to work effectively against systems protected by NPW. This may happen even if the attacking address is entirely blocked from the system. \nThese issues have not been confirmed",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1779"
},
{
"db": "BID",
"id": "4545"
},
{
"db": "VULHUB",
"id": "VHN-6162"
},
{
"db": "VULMON",
"id": "CVE-2002-1779"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4545",
"trust": 2.1
},
{
"db": "NVD",
"id": "CVE-2002-1779",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-6162",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2002-1779",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6162"
},
{
"db": "VULMON",
"id": "CVE-2002-1779"
},
{
"db": "BID",
"id": "4545"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"id": "VAR-200212-0450",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6162"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:20.679000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2002.05.16.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/4545"
},
{
"trust": 1.2,
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"trust": 0.3,
"url": "http://www.symantec.com/sabu/nis/npf/"
},
{
"trust": 0.3,
"url": "http://windowsupdate.microsoft.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=3622"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6162"
},
{
"db": "VULMON",
"id": "CVE-2002-1779"
},
{
"db": "BID",
"id": "4545"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6162"
},
{
"db": "VULMON",
"id": "CVE-2002-1779"
},
{
"db": "BID",
"id": "4545"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6162"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2002-1779"
},
{
"date": "2002-04-16T00:00:00",
"db": "BID",
"id": "4545"
},
{
"date": "2002-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6162"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2002-1779"
},
{
"date": "2002-04-16T00:00:00",
"db": "BID",
"id": "4545"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-430"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1779"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Norton Personal Firewall 2002 Packet fragmentation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-430"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…