WatchGuard Firebox II FTP denial of service
| watchguard-firebox-ftp-dos (5535) |  Medium Risk |
Description:
WatchGuard Firebox II is vulnerable to a denial of service attack if external access to FTP Proxy is enabled, which is not the default setting. A remote attacker can connect to the FTP proxy port and flood the port to cause the port and the service to crash. This attack also crashes all other services on the device, and consumes up to 100% of the CPU resources. The firewall must be shutdown and restarted to regain normal functionality.
Platforms Affected:
- WatchGuard, WatchGuard Firebox II
Remedy:
Install WatchGuard hotfix 112000, available at the WatchGuard Software Patches page. See References
Consequences:
Denial of Service
References:
- BugTraq Mailing List, Thu Nov 16 2000 - 09:44:31 CST, Possible Watchguard Firebox II DoS at http://archives.neohapsis.com/archives/bugtraq/2000-11/0224.html.
- WatchGuard Software Patch 112000, Hotfix 112000 at https://www.watchguard.com/support/patches.asp.
- BID-1953: Watchguard Firebox II FTP Proxy DoS Vulnerability
- CVE-2000-1182: WatchGuard Firebox II allows remote attackers to cause a denial of service by flooding the Firebox with a large number of FTP or SMTP requests, which disables proxy handling.
Reported:
Nov 16, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net