Ingate Firewall and SIParator SSL/TLS handshake denial of service

ingate-ssltls-dos (26977): The risk level is classified as Medium Risk

Description:

Ingate Firewall and Ingate SIParator are vulnerable to a denial of service attack, caused by unspecified errors in the SIP module. If TLS is enabled for the SIP module or SSL/TLS is enabled for the Web server, a remote attacker could send a specially-crafted SSL/TLS handshake to cause the affected module to crash and restart.


Consequences:

Denial of Service

Remedy:

Upgrade to the latest version of Ingate Firewall or Ingate SIParator (4.4.1 or later), available from the Ingate Web site. See References.

References:

  • Ingate Web site: Release notice for Ingate Firewall® 4.4.1 and Ingate SIParator® 4.4.1.
  • BID-18318: Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
  • CVE-2006-2924: Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake.
  • SA20479: Ingate Firewall and SIParator Two Vulnerabilities
  • SECTRACK ID: 1016244: Ingate Firewall Bugs Let Remote Users Deny Service and Conduct Cross-Site Scripting Attacks
  • SECTRACK ID: 1016245: Ingate SIParator Bugs Let Remote Users Deny Service and Conduct Cross-Site Scripting Attacks
  • VUPEN/ADV-2006-2183: Ingate Firewall and SIParator Denial of Service and Cross Site Scripting Vulnerabilities

Platforms Affected:

  • Ingate Ingate Firewall prior to 4.4.1
  • Ingate Ingate SIParator prior to 4.4.1

Reported:

May 30, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
