What is the severity of CVE-2002-0891?

CVE-2002-0891 is classified as a denial of service vulnerability that can cause crashing of the affected device.

How do I fix CVE-2002-0891?

To fix CVE-2002-0891, upgrade the NetScreen ScreenOS to a version that is not affected, such as 2.6.1r8 or later.

Which versions of NetScreen ScreenOS are affected by CVE-2002-0891?

CVE-2002-0891 affects NetScreen ScreenOS versions before 2.6.1r8 and specific versions of 2.8.x and 3.0.x before 3.0.3r1.

Can CVE-2002-0891 be exploited remotely?

Yes, CVE-2002-0891 can be exploited remotely by sending a crafted long username to the web interface.

What should I do if I am using a vulnerable version of ScreenOS associated with CVE-2002-0891?

If you are using a vulnerable version of ScreenOS, it is essential to update to a secure version immediately to mitigate the risk.

Vulnerability/
CVE-2002-0891

medium

CWE

NVD-CWE-Other

4/10/2002

2/4/2003

8/8/2024

CVE-2002-0891

First published: Fri Oct 04 2002(Updated: )

The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Juniper ScreenOS	=2.6.1r2
Juniper ScreenOS	=2.6.1r1
Juniper ScreenOS	=2.5
Juniper ScreenOS	=2.7.1
Juniper ScreenOS	=2.5r6
Juniper ScreenOS	=2.8_r1
Juniper ScreenOS	=2.10_r4
Juniper ScreenOS	=2.6.1
Juniper ScreenOS	=3.0.0r3
Juniper ScreenOS	=3.0.0r1
Juniper ScreenOS	=2.5r2
Juniper ScreenOS	=2.10_r3
Juniper ScreenOS	=2.7.1r3
Juniper ScreenOS	=3.0.0
Juniper ScreenOS	=3.0.0r4
Juniper ScreenOS	=2.6.1r5
Juniper ScreenOS	=2.5r1
Juniper ScreenOS	=2.7.1r1
Juniper ScreenOS	=2.7.1r2
Juniper ScreenOS	=2.6.1r4
Juniper ScreenOS	=3.0.0r2
Juniper ScreenOS	=2.6.1r3
Juniper ScreenOS	=3.0.1r1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-0891?
CVE-2002-0891 is classified as a denial of service vulnerability that can cause crashing of the affected device.
How do I fix CVE-2002-0891?
To fix CVE-2002-0891, upgrade the NetScreen ScreenOS to a version that is not affected, such as 2.6.1r8 or later.
Which versions of NetScreen ScreenOS are affected by CVE-2002-0891?
CVE-2002-0891 affects NetScreen ScreenOS versions before 2.6.1r8 and specific versions of 2.8.x and 3.0.x before 3.0.3r1.
Can CVE-2002-0891 be exploited remotely?
Yes, CVE-2002-0891 can be exploited remotely by sending a crafted long username to the web interface.
What should I do if I am using a vulnerable version of ScreenOS associated with CVE-2002-0891?
If you are using a vulnerable version of ScreenOS, it is essential to update to a secure version immediately to mitigate the risk.

agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/weakness
agent/last-modified-date
agent/description
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/juniper
canonical/juniper screenos
version/juniper screenos/2.6.1r2
version/juniper screenos/2.6.1r1
version/juniper screenos/2.5
version/juniper screenos/2.7.1
version/juniper screenos/2.5r6
version/juniper screenos/2.8_r1
version/juniper screenos/2.10_r4
version/juniper screenos/2.6.1
version/juniper screenos/3.0.0r3
version/juniper screenos/3.0.0r1
version/juniper screenos/2.5r2
version/juniper screenos/2.10_r3
version/juniper screenos/2.7.1r3
version/juniper screenos/3.0.0
version/juniper screenos/3.0.0r4
version/juniper screenos/2.6.1r5
version/juniper screenos/2.5r1
version/juniper screenos/2.7.1r1
version/juniper screenos/2.7.1r2
version/juniper screenos/2.6.1r4
version/juniper screenos/3.0.0r2
version/juniper screenos/2.6.1r3
version/juniper screenos/3.0.1r1