CVE-2002-0891

Description

The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.

Affected products

• Juniper / netscreen_screenos2.5 – 2.5
• Juniper / netscreen_screenos2.5r1 – 2.5r1
• Juniper / netscreen_screenos2.5r2 – 2.5r2
• Juniper / netscreen_screenos2.5r6 – 2.5r6
• Juniper / netscreen_screenos2.6.1 – 2.6.1
• Juniper / netscreen_screenos2.6.1r1 – 2.6.1r1
• Juniper / netscreen_screenos2.6.1r2 – 2.6.1r2
• Juniper / netscreen_screenos2.6.1r3 – 2.6.1r3
• Juniper / netscreen_screenos2.6.1r4 – 2.6.1r4
• Juniper / netscreen_screenos2.6.1r5 – 2.6.1r5
• Juniper / netscreen_screenos2.7.1 – 2.7.1
• Juniper / netscreen_screenos2.7.1r1 – 2.7.1r1
• Juniper / netscreen_screenos2.7.1r2 – 2.7.1r2
• Juniper / netscreen_screenos2.7.1r3 – 2.7.1r3
• Juniper / netscreen_screenos2.8_r1 – 2.8_r1
• Juniper / netscreen_screenos2.10_r3 – 2.10_r3
• Juniper / netscreen_screenos2.10_r4 – 2.10_r4
• Juniper / netscreen_screenos3.0.0 – 3.0.0
• Juniper / netscreen_screenos3.0.0r1 – 3.0.0r1
• Juniper / netscreen_screenos3.0.0r2 – 3.0.0r2
• Juniper / netscreen_screenos3.0.0r3 – 3.0.0r3
• Juniper / netscreen_screenos3.0.0r4 – 3.0.0r4
• Juniper / netscreen_screenos3.0.1r1 – 3.0.1r1

References

• MISChttp://www.iss.net/security_center/static/9186.php
• MISChttp://www.securityfocus.com/bid/4842
• MISChttp://online.securityfocus.com/archive/1/274240
• MISChttp://www.netscreen.com/support/ns25_reboot.html