• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20000919 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20001010)
Votes (Legacy)
ACCEPT(2) Cole, Levy
MODIFY(1) Frech
NOOP(1) Wall
REVIEWING(1) Christey
Comments (Legacy)
 Frech> XF:realsecure-rskill-dos
 Christey> CHANGEREF XF:realsecure-rskill-dos to XF:realsecure-frag-syn-dos?
 CHANGE> [Christey changed vote from NOOP to REVIEWING]
 Christey> In an email to on September 7, 2000, ISS says
   that Network Sensor 3.2.2 is affected by SYN flooding, but
   RealSecure 5.0 is not affected by Syn flooding.  In addition,
   they could not find conclusive evidence that RS 3.2.2 or 5.0
   was affected by IP fragmentation.  This seems to indicate
   that there are 2 *possible* problems: syn flooding (acknowledged
   by ISS) and fragmentation (unconfirmed).  Perhaps this
   candidate needs to be split, or its description should be
   rewritten to separate the 2 reported problems.
 Frech> XF:realsecure-rskill-dos(5133)

Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.