Vulnerabilities > CVE-2002-2234 - Configuration vulnerability in Netscreen Screenos

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

netscreen

CWE-16

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

NetScreen ScreenOS before 4.0.1 allows remote attackers to bypass the Malicious-URL blocking feature by splitting the URL into fragmented IP requests.

Vulnerable Configurations

Part	Description	Count
Application	Netscreen Netscreen Screenos 2.7.1 Netscreen Screenos 2.8 Netscreen Screenos 3.0 Netscreen Screenos 3.1 Netscreen Screenos 4.0	5

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0093.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0094.html
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0338.html
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-11/0347.html
http://www.iss.net/security_center/static/10699.php
http://www.securityfocus.com/bid/6245