CVE-2002-0538

5 documents4 sources

Severity

7.5HIGH

EPSS

2.9%

top 13.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Enterprise Firewall Symantec Gateway Security Symantec Raptor Firewall +1 more

Timeline

PublishedJul 3

Latest updateApr 30

Description

FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

▶NVDsymantec/raptor_firewall6.5, 6.5.3+1

▶NVDsymantec/enterprise_firewall6.5.2, 7.0+1

▶NVDsymantec/velociraptor1.x

▶NVDsymantec/gateway_security1.0

Patches

Patch: securityresponse.symantec.com ↗Patch: www.iss.net ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-m8wm-g2fv-r2mc: FTP proxy in Symantec Raptor Firewall 6↗2022-04-30

▶

CVEList

CVE-2002-0538: FTP proxy in Symantec Raptor Firewall 6↗2003-04-02

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution↗2001-07-12

▶

Exploit-DB

Microsoft Outlook 98/2000/2002 - Unauthorized Email Access↗2001-07-12

▶