CVE-2002-0133 - Vulnerability Details - OpenCVE

Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.04362.

Key SSVC decision points have not yet been added.

Vendors	Products
Avirt Subscribe	Avirt Gateway Subscribe Avirt Gateway Suite Subscribe Avirt Soho Subscribe

Configuration 1 [-]

OR	cpe:2.3:a:avirt:avirt_gateway:4.2:::::::*
	cpe:2.3:a:avirt:avirt_gateway_suite:4.2:::::::*
	cpe:2.3:a:avirt:avirt_soho:4.2:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2002-0133	Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://marc.info/?l=bugtraq&m=101164598828092&w=2
http://marc.info/?l=bugtraq&m=101366658112809&w=2
http://marc.info/?l=bugtraq&m=101424723728817&w=2
http://online.securityfocus.com/archive/1/251055
http://www.iss.net/security_center/static/7916.php
http://www.iss.net/security_center/static/7918.php
http://www.securityfocus.com/bid/3904
http://www.securityfocus.com/bid/3905

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-15T05:00:00

Updated: 2024-08-08T02:42:27.529Z

Reserved: 2002-03-15T00:00:00

Link: CVE-2002-0133

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2002-03-25T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2002-0133

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-01-17T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "avirt-telnet-proxy-bo(7918)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7918.php"}, {"name": "20020212 Avirt Gateway 4.2 remote buffer overflow: proof of concept", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101366658112809&w=2"}, {"name": "20020121 [resend] Avirt Gateway Telnet Vulnerability (and more?)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101164598828092&w=2"}, {"name": "20020117 Avirt Proxy Buffer Overflow Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://online.securityfocus.com/archive/1/251055"}, {"name": "avirt-http-proxy-bo(7916)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/7916.php"}, {"name": "3905", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3905"}, {"name": "3904", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3904"}, {"name": "20020220 Avirt 4.2 question", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0133", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "avirt-telnet-proxy-bo(7918)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7918.php"}, {"name": "20020212 Avirt Gateway 4.2 remote buffer overflow: proof of concept", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101366658112809&w=2"}, {"name": "20020121 [resend] Avirt Gateway Telnet Vulnerability (and more?)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101164598828092&w=2"}, {"name": "20020117 Avirt Proxy Buffer Overflow Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/251055"}, {"name": "avirt-http-proxy-bo(7916)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7916.php"}, {"name": "3905", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3905"}, {"name": "3904", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3904"}, {"name": "20020220 Avirt 4.2 question", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:42:27.529Z"}, "title": "CVE Program Container", "references": [{"name": "avirt-telnet-proxy-bo(7918)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/7918.php"}, {"name": "20020212 Avirt Gateway 4.2 remote buffer overflow: proof of concept", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101366658112809&w=2"}, {"name": "20020121 [resend] Avirt Gateway Telnet Vulnerability (and more?)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101164598828092&w=2"}, {"name": "20020117 Avirt Proxy Buffer Overflow Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://online.securityfocus.com/archive/1/251055"}, {"name": "avirt-http-proxy-bo(7916)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/7916.php"}, {"name": "3905", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3905"}, {"name": "3904", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3904"}, {"name": "20020220 Avirt 4.2 question", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0133", "datePublished": "2002-03-15T05:00:00", "dateReserved": "2002-03-15T00:00:00", "dateUpdated": "2024-08-08T02:42:27.529Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avirt:avirt_gateway:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "366D7DA0-C73C-4ABC-931D-ED24082EC751", "vulnerable": true}, {"criteria": "cpe:2.3:a:avirt:avirt_gateway_suite:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E44ECB72-BA5B-4BB4-86C7-2FF9F285229B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avirt:avirt_soho:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "C44DE6DB-B95F-4F74-8217-30E3B5D21D2A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflows in Avirt Gateway Suite 4.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long header fields to the HTTP proxy, or (2) a long string to the telnet proxy."}, {"lang": "es", "value": "El desbordamiento del buffer en Avirt Gateway Suite 4.2 permite a atacantes remotos causar fallos de denegaci\u00f3n de servicio y la posible ejecuci\u00f3n de c\u00f3digo arbitrario por dos v\u00edas:1: un campo de cabecera largo al proxy HTTP.2: una cadena de caracteres larga al proxy telnet."}], "id": "CVE-2002-0133", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-03-25T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101164598828092&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101366658112809&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/251055"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7916.php"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7918.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3904"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3905"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=101164598828092&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=101366658112809&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=101424723728817&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://online.securityfocus.com/archive/1/251055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7916.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.iss.net/security_center/static/7918.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3904"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3905"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}