Sign-up

ID

VAR-200206-0064


CVE

CVE-2002-0601


TITLE

The ISS RealSecure Network Sensor fails to properly process certain types of DHCP traffic.

Trust: 0.8

sources: CERT/CC: VU#101915

DESCRIPTION

ISS RealSecure Network Sensor 5.x through 6.5 allows remote attackers to cause a denial of service (crash) via malformed DHCP packets that cause RealSecure to dereference a null pointer. ISS RealSecure Network Sensor "informational signatures" fail to properly process certain types of DHCP traffic, thereby causing the sensor to crash. RealSecure is the commercial Intrusion Detection System (IDS) distributed and maintained by ISS. RealSecure becomes unstable when processing some of the DHCP signatures packaged with the system. Due to the construction of the three DHCP signatures (DHCP_ACK - 7131, DHCP_Discover - 7132, and DHCP_Request - 7133), the RealSecure software may become unstable and crash. This is due to the software attempting to dereference a null pointer. If the sensor is disabled, further attacks may go unnoticed. Vulnerabilities exist in ISS RealSecure Network Sensor versions 5.x to 6.5

Trust: 2.7

sources: NVD: CVE-2002-0601 // CERT/CC: VU#101915 // JVNDB: JVNDB-2002-000103 // BID: 4649 // VULHUB: VHN-4993

AFFECTED PRODUCTS

vendor:information securitymodel:realsecure network sensorscope:eqversion:5.5_xpu_3.4

Trust: 1.6

vendor:information securitymodel:realsecure network sensorscope:eqversion:6.0_xpu_3.4

Trust: 1.6

vendor:information securitymodel:realsecure network sensorscope:eqversion:5.5.1_xpu_3.4

Trust: 1.6

vendor:information securitymodel:realsecure network sensorscope:eqversion:6.5

Trust: 1.6

vendor:information securitymodel:realsecure network sensorscope:eqversion:5.5.2_xpu_3.4

Trust: 1.6

vendor:information securitymodel:realsecure network sensorscope:eqversion:5.0_xpu_3.4

Trust: 1.6

vendor:internet securitymodel: - scope: - version: -

Trust: 0.8

vendor:the internet securitymodel:realsecure network sensorscope:eqversion:5.0

Trust: 0.8

vendor:the internet securitymodel:realsecure network sensorscope:eqversion:6.0

Trust: 0.8

vendor:the internet securitymodel:realsecure network sensorscope:eqversion:6.5

Trust: 0.8

vendor:internetmodel:security systems realsecure network sensorscope:eqversion:6.5

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:6.03.4

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:5.5.23.4

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:5.5.13.4

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:5.53.4

Trust: 0.3

vendor:internetmodel:security systems realsecure network sensor xpuscope:eqversion:5.03.4

Trust: 0.3

sources: CERT/CC: VU#101915 // BID: 4649 // JVNDB: JVNDB-2002-000103 // CNNVD: CNNVD-200206-004 // NVD: CVE-2002-0601

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-0601
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#101915
value: 4.73

Trust: 0.8

NVD: CVE-2002-0601
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200206-004
value: MEDIUM

Trust: 0.6

VULHUB: VHN-4993
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-0601
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-4993
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#101915 // VULHUB: VHN-4993 // JVNDB: JVNDB-2002-000103 // CNNVD: CNNVD-200206-004 // NVD: CVE-2002-0601

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0601

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200206-004

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200206-004

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2002-000103

PATCH
title:advise116url:http://xforce.iss.net/xforce/alerts/id/advise116
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2002-000103

EXTERNAL IDS
db:BIDid:4649
Trust: 3.6
db:NVDid:CVE-2002-0601
Trust: 2.5
db:OSVDBid:5165
Trust: 1.7
db:CERT/CCid:VU#101915
Trust: 1.6
db:JVNDBid:JVNDB-2002-000103
Trust: 0.8
db:CNNVDid:CNNVD-200206-004
Trust: 0.7
db:ISSid:20020430 REMOTE DENIAL OF SERVICE VULNERABILITY IN REALSECURE NETWORK SENSOR
Trust: 0.6
db:XFid:8961
Trust: 0.6
db:BUGTRAQid:20020430 ISS ADVISORY: REMOTE DENIAL OF SERVICE VULNERABILITY IN REALSECURE NETWORK SENSOR
Trust: 0.6
db:VULHUBid:VHN-4993
Trust: 0.1
sources:
            
            
            CERT/CC: VU#101915 // 
            
            
            
            VULHUB: VHN-4993 // 
            
            
            
            BID: 4649 // 
            
            
            
            JVNDB: JVNDB-2002-000103 // 
            
            
            
            CNNVD: CNNVD-200206-004 // 
            
            
            
            NVD: CVE-2002-0601

REFERENCES
url:http://www.securityfocus.com/bid/4649
Trust: 3.3
url:http://archives.neohapsis.com/archives/bugtraq/2002-04/0420.html
Trust: 1.7
url:http://www.iss.net/security_center/alerts/advise116.php
Trust: 1.7
url:http://www.osvdb.org/5165
Trust: 1.7
url:http://www.iss.net/security_center/static/8961.php
Trust: 1.7
url:http://bvlive01.iss.net/issen/delivery/xforce/alertdetail.jsp?id=advise116
Trust: 0.8
url:http://www.iss.net/products_services/enterprise_protection/rsnetwork/sensor.php
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-0601
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0601
Trust: 0.8
url:http://www.kb.cert.org/vuls/id/101915
Trust: 0.8
sources:
            
            
            CERT/CC: VU#101915 // 
            
            
            
            VULHUB: VHN-4993 // 
            
            
            
            JVNDB: JVNDB-2002-000103 // 
            
            
            
            CNNVD: CNNVD-200206-004 // 
            
            
            
            NVD: CVE-2002-0601

CREDITS
Vulnerability announced by ISS X-Force.
Trust: 0.3
sources:
            
            
            BID: 4649

SOURCES
db:CERT/CCid:VU#101915
db:VULHUBid:VHN-4993
db:BIDid:4649
db:JVNDBid:JVNDB-2002-000103
db:CNNVDid:CNNVD-200206-004
db:NVDid:CVE-2002-0601

LAST UPDATE DATE
2025-04-03T22:22:04.565000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#101915date:2003-03-14T00:00:00
db:VULHUBid:VHN-4993date:2008-09-05T00:00:00
db:BIDid:4649date:2002-04-30T00:00:00
db:JVNDBid:JVNDB-2002-000103date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200206-004date:2006-08-23T00:00:00
db:NVDid:CVE-2002-0601date:2025-04-03T01:03:51.193

SOURCES RELEASE DATE
db:CERT/CCid:VU#101915date:2003-03-11T00:00:00
db:VULHUBid:VHN-4993date:2002-06-18T00:00:00
db:BIDid:4649date:2002-04-30T00:00:00
db:JVNDBid:JVNDB-2002-000103date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200206-004date:2002-06-18T00:00:00
db:NVDid:CVE-2002-0601date:2002-06-18T04:00:00