Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Possible WatchGuard Firebox II DoS
From: Steve Fallin <Steve.Fallin () WATCHGUARD COM>
Date: Fri, 17 Nov 2000 15:09:50 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On November 16, Bugtraq received a report and exploit code of a Denial
of Service (DoS) attack against the WatchGuard LiveSecurity System.

WatchGuard contacted the author of the report, and has since confirmed
that the Firebox does not properly handle resource exhaustion of some
proxied services (including FTP). Such a DoS may render some functions
of the firewall inoperable until it is rebooted. The DoS does not,
however, cause a security breach. Also, packet filtered traffic is
unaffected.

WatchGuard is currently testing a fix. The fix is expected to be
available early in the week of November 20th.

When the fix is published, current subscribers to our LiveSecurity
Service will receive a broadcast containing the fix and will be able
to download it from their personalized Web site at
https://www.watchguard.com/support. For more information on
WatchGuard's LiveSecurity Service, visit our Web site at
http://www.watchguard.com/products/wgls.html.

Sincerely,
Steve Fallin
Director, Rapid Response Team
WatchGuard Technologies, Inc.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2

iQA/AwUBOhW7O03Vi9lbkWzpEQLhMACgrD1YDcKkyY5SinmHsvsKaHws7xYAoMJp
UrUyqXk7TtoY2godaSn94rQw
=V1RE
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]