Reported April 9, 2002, by Andreas Sandor.

VERSIONS AFFECTED

  • Watchguard SOHO Firebox, all firmware versions prior to 5.0.35

 

DESCRIPTION

A Denial of Service (DoS) condition exists within Watchguard’s SOHO Firebox product. Because the product doesn’t parse IP packets unless forwarding, an attacker can crash or reboot the server by sending packets with certain malformed arguments.

<span style="font-family:Verdana"> <p></p>
</h3>

VENDOR RESPONSE

 

The vendor, Watchguard, has released firmware 5.0.35 to fix this vulnerability and recommends that affected users upgrade their firmware to this version.

 

CREDIT
Discovered by Andreas Sandor.