SonicWall Pro DoS?
From: Greg Smith (gsmith_at_cybercrews.com)
Date: 04/25/03
- Previous message: David Miller: "[BUGZILLA] Security Advisory - XSS, insecure temporary filenames"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 24 Apr 2003 23:04:13 -0000 To: bugtraq@securityfocus.com('binary' encoding is not supported, stored as-is)
Came across an apparent problem on a SonicWall Pro running firmware
version 6.4.0.1 ROM version 5.0.1.0 during a vulnerability assessment and
couldn't find any other postings on this problem so fwiw.. the problem
occurs when sending a large HTTP POST to the inside interface - may affect
others just didn't test as the outside interface was blocked. I was able
to confirm this problem using two separate Nessus plugins (10012 and
10687). The behavior of the firewall suggests a buffer overflow but since
I'm not familiar with the internals of this system it's just a guess. 15-
20 seconds after sending the POST to the firewall the firewall goes
through a reset cycle. This delay suggests to me a section of code that is
being overwritten. At the very least, this is a Denial of Service problem.
Vendor was notified of the problem.
- Previous message: David Miller: "[BUGZILLA] Security Advisory - XSS, insecure temporary filenames"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
