[NEWS] Software Update Available for Legacy RapidStream Appliances and WatchGuard Firebox Vclass appliances
From: support@securiteam.com Date: 09/30/02
From: support@securiteam.com To: list@securiteam.com Date: Mon, 30 Sep 2002 16:36:25 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Software Update Available for Legacy RapidStream Appliances and WatchGuard Firebox Vclass appliances
------------------------------------------------------------------------
SUMMARY
WatchGuard has released two HotFixes that address two security
vulnerabilities in their products:
* A format string vulnerability in the password validation code that runs
during a remote SSH login.
* Incorrect handling of incoming SSH connections: the connection is not
closed after the client disconnects when the client logged in with the -N
(do not execute a remote command) option.
DETAILS
Products affected:
* Vclass appliances running the current version of Vclass software
* Legacy RSSA appliances running Vclass software
* Legacy RSSA appliances that have not yet upgraded to Vclass software
WatchGuard is pleased to announce the immediate availability of the
following HotFixes for its Vclass line of appliances and Legacy RSSA
appliances.
* Vclass 3.2 Hotfix 2, for Vclass and Legacy RSSA appliances running
Vclass software
* RSSA Appliance v. 3.0.2 Hotfix 31, for Legacy RSSA appliances not yet
running Vclass software
These HotFixes include remediation for the following security-related bugs
in the Command Line Interface (CLI):
* A "format string" type of vulnerability in the password validation
code that is active during remote user login over SSH. The CLI program
terminated abnormally when it verified a password that had an invalid
format. This has been fixed.
* The SSH connection was not closed when a client logged in with a -N (do
not execute remote command) option. This has been fixed.
These vulnerabilities in how the CLI handles unexpected input could be
exploited to gain root level access to the appliance. WatchGuard is not
aware of any functioning exploit code that will yield root level control
of the appliance although we believe that it is possible to develop such
code. These HotFixes eliminate the vulnerabilities.
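The advisory names the bug class but shows no code, so the following added example (written for this page, not WatchGuard's or RapidStream's code) sketches a hypothetical CLI login helper: the vulnerable pattern that makes a password containing '%' directives crash the process, the hardened form that passes the untrusted string only as a "%s" argument, and a small audit helper that counts format directives in input. Function names and the message text are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical (constructed) CLI code illustrating the bug class in the
 * advisory: a password that fails validation is echoed into an error
 * message. In the vulnerable form the untrusted password *is* the format
 * string, so a password such as "%s%s%n" makes snprintf walk the argument
 * list and dereference or write through whatever is on the stack; the CLI
 * terminates abnormally, which is the crash the advisory describes. */
int format_login_failure_vulnerable(char *out, size_t outlen,
                                    const char *password)
{
    /* BUG: user-controlled data used as the format argument. */
    return snprintf(out, outlen, password);
}

/* Hardened form: the format string is a constant and the untrusted
 * password is passed only as a "%s" argument, so '%' characters in it are
 * copied literally and never interpreted as conversion directives. */
int format_login_failure_fixed(char *out, size_t outlen, const char *password)
{
    return snprintf(out, outlen, "invalid password format: %s", password);
}

/* Audit helper: number of conversion directives a string would trigger if
 * it were ever used as a format string. "%%" is a literal percent sign and
 * is not counted. Useful when reviewing logs or test inputs for values that
 * would have exercised the pre-HotFix code path. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {  /* escaped percent: skip the pair */
            s++;
            continue;
        }
        n++;
    }
    return n;
}
```

Compiling with -Wformat-security flags the vulnerable variant at build time, which is the cheapest way to catch this pattern before it ships.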
WatchGuard recommends that all affected customers download, test and
install the appropriate version of this HotFix as soon as is practical. We
further recommend, as a matter of good practice, that you verify that only
trusted hosts can connect to the CLI.
WatchGuard thanks and acknowledges Joao Gouveia for his assistance in
isolating these vulnerabilities.
How to obtain the HotFix:
* If you are a Vclass product LiveSecurity Subscriber, obtain this HotFix
by downloading it from our LiveSecurity Web site
https://www3.watchguard.com/archive/softwarecenter.asp which also includes
clear installation instructions in the release notes.
* If you own a legacy RSSA appliance, have already registered your
product's RSSA support contract, and upgraded it to run Vclass software,
please proceed to the Legacy RSSA software download center
http://watchguard.com/vars/rssa.asp.
* If you own a legacy RSSA appliance and have not yet upgraded to Vclass
software, you can download a version of the HotFix that is compatible with
your current software and a copy of the release notes from the Legacy RSSA
software download center http://watchguard.com/vars/rssa.asp
* If you own a legacy RSSA appliance and do not have a Standard or Gold
RSSA support contract, please register or purchase your support contract
for your RSSA product by contacting WatchGuard Support Administration
Department at +1.206.521.3575 between the hours of 6:00 am and 6:00 pm
Pacific Time (PST/PDT, GMT -8/-7), Monday through Friday, or via e-mail
at: supportid@watchguard.com. Please
have the serial number of your product(s) available when you contact us
and identify yourself as a "RapidStream RSSA customer." We will be happy
to answer any questions about WatchGuard's support programs at that time.
As always, if you need support, please enter a support incident online at
https://support.watchguard.com/incidents/NewIncident.asp? or call our
support staff directly:
U.S. Customers: 877.232.3531
International Customers: +1.360.482.1083
WatchGuard Partners: +1.206.521.8375
ADDITIONAL INFORMATION
The information has been provided by Steve Fallin
(Steve.Fallin@watchguard.com).