Details of VAR-200206-0067

ID

VAR-200206-0067

CVE

CVE-2002-0604

TITLE

Snapgear Lite+ The firewall is not working properly. IP Packets cause a denial of service attack vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200206-051

DESCRIPTION

Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options. Snapgear Lite+ is a device with integrated firewall, routing, and VPN support. The firewall is unable to handle IP packets with malformed IP options. Sending many such packets will eventually cause the firewall to crash

Trust: 1.26

sources: NVD: CVE-2002-0604 // BID: 4660 // VULHUB: VHN-4996

AFFECTED PRODUCTS

vendor:	snapgear	model:	lite\+ firewall	scope:	eq	version:	1.5.3	Trust: 1.6
vendor:	snapgear	model:	lite\+ firewall	scope:	eq	version:	1.5.4	Trust: 1.6
vendor:	snapgear	model:	lite+ firewall	scope:	eq	version:	1.5.4	Trust: 0.3
vendor:	snapgear	model:	lite+ firewall	scope:	eq	version:	1.5.3	Trust: 0.3
vendor:	snapgear	model:	lite+ firewall	scope:	ne	version:	1.6.0	Trust: 0.3

sources: BID: 4660 // CNNVD: CNNVD-200206-051 // NVD: CVE-2002-0604

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0604
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200206-051
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-4996
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-0604
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-4996
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-4996 // CNNVD: CNNVD-200206-051 // NVD: CVE-2002-0604

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0604

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200206-051

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200206-051

EXTERNAL IDS

db:	BID	id:	4660	Trust: 2.0
db:	NVD	id:	CVE-2002-0604	Trust: 2.0
db:	CNNVD	id:	CNNVD-200206-051	Trust: 0.7
db:	BUGTRAQ	id:	20020502 KPMG-2002017: SNAPGEAR LITE+ FIREWALL DENIAL OF SERVICE	Trust: 0.6
db:	XF	id:	8988	Trust: 0.6
db:	VULNWATCH	id:	20020502 [VULNWATCH] KPMG-2002017: SNAPGEAR LITE+ FIREWALL DENIAL OF SERVICE	Trust: 0.6
db:	VULHUB	id:	VHN-4996	Trust: 0.1

sources: VULHUB: VHN-4996 // BID: 4660 // CNNVD: CNNVD-200206-051 // NVD: CVE-2002-0604

REFERENCES

url:	http://www.securityfocus.com/bid/4660	Trust: 1.7
url:	http://www.snapgear.com/releases.html	Trust: 1.7
url:	http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0050.html	Trust: 1.7
url:	http://www.iss.net/security_center/static/8988.php	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=102035583114759&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=102035583114759&w=2	Trust: 0.6
url:	http://www.snapgear.com/liteplus.html	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=102035583114759&w=2	Trust: 0.1

sources: VULHUB: VHN-4996 // BID: 4660 // CNNVD: CNNVD-200206-051 // NVD: CVE-2002-0604

CREDITS

Peter Gründl※ pgrundl@kpmg.dk

Trust: 0.6

sources: CNNVD: CNNVD-200206-051

SOURCES

db:	VULHUB	id:	VHN-4996
db:	BID	id:	4660
db:	CNNVD	id:	CNNVD-200206-051
db:	NVD	id:	CVE-2002-0604

LAST UPDATE DATE

2025-04-03T22:26:25.848000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-4996	date:	2016-10-18T00:00:00
db:	BID	id:	4660	date:	2009-07-11T12:46:00
db:	CNNVD	id:	CNNVD-200206-051	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2002-0604	date:	2025-04-03T01:03:51.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-4996	date:	2002-06-18T00:00:00
db:	BID	id:	4660	date:	2002-05-02T00:00:00
db:	CNNVD	id:	CNNVD-200206-051	date:	2002-05-02T00:00:00
db:	NVD	id:	CVE-2002-0604	date:	2002-06-18T04:00:00