CVE-2002-1979 - Vulnerability Details - OpenCVE

WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Watchguard	Legacy Rssa Soho Vclass

Configuration 1 [-]

OR	cpe:2.3:h:watchguard:legacy_rssa::::::::
	cpe:2.3:h:watchguard:soho::::::::
	cpe:2.3:h:watchguard:vclass::::::::

No data.

References

Link	Providers
http://www.kb.cert.org/vuls/id/328867
http://www.kb.cert.org/vuls/id/AAMN-5EQR65

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-06-28T04:00:00

Updated: 2024-08-08T03:43:33.650Z

Reserved: 2005-06-29T00:00:00

Link: CVE-2002-1979

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2002-12-31T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2002-1979

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-10-17T00:00:00", "descriptions": [{"lang": "en", "value": "WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-04-03T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/AAMN-5EQR65"}, {"name": "VU#328867", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/328867"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1979", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.kb.cert.org/vuls/id/AAMN-5EQR65", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/AAMN-5EQR65"}, {"name": "VU#328867", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/328867"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:43:33.650Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/AAMN-5EQR65"}, {"name": "VU#328867", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/328867"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1979", "datePublished": "2005-06-28T04:00:00", "dateReserved": "2005-06-29T00:00:00", "dateUpdated": "2024-08-08T03:43:33.650Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:watchguard:legacy_rssa:*:*:*:*:*:*:*:*", "matchCriteriaId": "39A02CDD-085D-4351-B28C-5141005116DE", "versionEndIncluding": "3.2_sp1", "vulnerable": true}, {"criteria": "cpe:2.3:h:watchguard:soho:*:*:*:*:*:*:*:*", "matchCriteriaId": "A96FC683-AA27-426C-8D5F-46673722A06F", "versionEndIncluding": "5.1.6", "vulnerable": true}, {"criteria": "cpe:2.3:h:watchguard:vclass:*:*:*:*:*:*:*:*", "matchCriteriaId": "15144365-AD24-4654-A513-AF0D864ED38F", "versionEndIncluding": "3.2_sp1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server."}], "id": "CVE-2002-1979", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/328867"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.kb.cert.org/vuls/id/AAMN-5EQR65"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/328867"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.kb.cert.org/vuls/id/AAMN-5EQR65"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}