Home page logo

bugtraq logo Bugtraq mailing list archives

DoS in Sonicwall SOHO firewall
From: Raptor <raptor () 0XDEADBEEF EU ORG>
Date: Wed, 29 Nov 2000 15:41:59 +0100

i was just playing a bit with a Sonicwall SOHO firewall, to verify
performances and security of the product. I've noticed that using a
very long string (some hundreds of chars) as the User Name in the auth
page of the Sonicwall web server, the firewall reacts strangely: it
begins to refuse connections to the 80/tcp port and it stops routing
packets from the internal LAN. After about 30 seconds it apparently
returns normal.

I've verified this behaviour on Sonicwall SOHO firmware version 5.0.0, ROM
version 4.0.0. Anyway access to the configuration web server from the
external network is NOT enabled by default.

I contacted the vendor in the person of Todd Koopman <toddk () sonicwall com>
and he said they already know that issue and they're going to fix it in
the next firmware release. I would like to thank him for the rapid
answer: i decided to post this vuln to BUGTRAQ 'cause i think customers
want to know the issue and eventually disable external access to the
Sonicwall web server. Also, some other similar products may be vulnerable
to the same bug.

I suggest the Sonicwall team to set up an e-mail account to receive
security reports about their products: i apologize if they already have
one, i wasn't able to find it on their website www.sonicwall.com.


Antifork Research, Inc.                 @ Mediaservice.net Srl
http://raptor.antifork.org              http://www.mediaservice.net

  By Date           By Thread  

Current thread:
  • DoS in Sonicwall SOHO firewall Raptor (Nov 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]