CVE-2002-0990

Name of the Vulnerable Software and Affected Versions: Symantec Enterprise Firewall versions 6.5.2 through 7.0 Raptor Firewall versions 6.5 and 6.5.3 VelociRaptor (affected versions not specified) Symantec Gateway Security (affected versions not specified)

Description: The issue allows remote attackers to cause a denial of service, specifically connection resource exhaustion, by making multiple connection requests to domains with unresponsive or non-existent DNS servers. This results in a long timeout.

Recommendations: For Symantec Enterprise Firewall versions 6.5.2 through 7.0, consider implementing rate limiting on connection requests to mitigate the risk of denial of service. For Raptor Firewall versions 6.5 and 6.5.3, restrict access to the web proxy component until a fix is available. For VelociRaptor and Symantec Gateway Security, at the moment, there is no information about a newer version that contains a fix for this issue.