Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-2150

EPSS 1.92% · P83
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-2150

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多家厂商防火墙包淹没导致状态表填满漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
多种防火墙产品使用状态表判断是否获得的包属于两个主机间已经存在的会话中,当防火墙遇到包匹配规则库但不匹配单前定义的状态时,状态表中会增加一条新的会话条目。防火墙根据不同原因会从状态表中移去相关条目,这些原因包括会话time-out值过期,检测到TCP FIN或者TCP、RST包等。 如果新的状态条目增加速度超过防火墙删除条目的速度,远程攻击者就可以利用这个问题填满所有状态表缓冲区,导致产生拒绝服务攻击。 攻击者可以发送短小的,大量匹配规则库的包给防火墙,这样新的条目增加就可能超过防火墙删除的速度,状态表就
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2002-2150

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2002-2150

登录查看更多情报信息。

Same Patch Batch · n/a · 2005-11-16 · 191 CVEs total

CVE-2002-2156Trillian缓冲区溢出漏洞
CVE-2002-2142BEA WebLogic Server/Express/Integration应用程序移植安全策略存在漏洞
CVE-2002-2143MySimpleNews远程管理员密码可读漏洞
CVE-2002-2144BearShare目录遍历漏洞
CVE-2002-2145Savant Webserver远程受保护文件泄露漏洞
CVE-2002-2146Savant Webserver cgitest.exe远程拒绝服务攻击漏洞
CVE-2002-2148Lucent路由器UDP端口9信息泄漏漏洞
CVE-2002-2149Lucent Access Point IP 服务路由器超长HTTP请求服务拒绝漏洞
CVE-2002-2152Software602 Web602 Web服务器未授权管理目录访问漏洞
CVE-2002-2153Oracle Application Server PL/SQL远程格式化串溢出漏洞
CVE-2002-2154Monkey HTTP Daemon 路径遍历漏洞
CVE-2002-2155Trillian IRC模块格式字符串漏洞
CVE-2002-2164所谓的Outlook Express连接服务拒绝漏洞
CVE-2002-2169AOL Instant Messenger未授权行为漏洞
CVE-2002-2168Thorsten Korner 123tkShop SQL注入漏洞
CVE-2002-2167Thorsten Korner 123tkShop任意文件包含漏洞
CVE-2002-2166e-Zone FuseTalk搜索结果跨站脚本漏洞
CVE-2002-2165IMHO Webmail Account Hijacking漏洞
CVE-2002-2161Kerio Personal Firewall多个SYN数据包服务拒绝漏洞
CVE-2002-2158ZenTrack Ticket.PHP信息泄露漏洞

Showing top 20 of 191 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2002-2150

No comments yet

Leave a comment