WatchGuard Firebox II kernel denial of service
| firebox-kernel-dos (6327) |  Medium Risk |
Description:
WatchGuard Firebox II is vulnerable to a denial of service attack, caused by a vulnerability in the Linux-based kernel. An attacker can send a burst of about 10,000 specially-crafted TCP or ICMP packets to the firewall to cause the kernel to fault, which causes the firewall to crash or restart.
Platforms Affected:
- WatchGuard, WatchGuard Firebox II prior to 4.6
Remedy:
Apply the patch for this vulnerability, available from the WatchGuard Web site. A subscription to LiveSecurity is required to obtain this patch. See References.
Consequences:
Denial of Service
References:
- Defcom Labs Advisory def-2001-18, Watchguard Firebox II Kernel DoS at http://archives.neohapsis.com/archives/bugtraq/2001-04/0054.html.
- WatchGuard Technologies Web site, WatchGuard Customer Support at http://www.watchguard.com/support.
- BID-2562: WatchGuard Firebox II High Malformed Packet Rate Denial of Service Vulnerability
- CVE-2001-0592: Watchguard Firebox II prior to 4.6 allows a remote attacker to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.
Reported:
Apr 05, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net