[17997] in bugtraq
Re: WatchGuard SOHO v2.2.1 DoS
daemon@ATHENA.MIT.EDU (Steve Fallin)
Sun Dec 10 19:12:35 2000
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-ID: <8D82D0C76653D411834100508BC872A40109A8B4@xs001sea.inside.sealabs.com>
Date: Fri, 8 Dec 2000 16:20:12 -0800
Reply-To: Steve Fallin <Steve.Fallin@WATCHGUARD.COM>
From: Steve Fallin <Steve.Fallin@WATCHGUARD.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On December 1, 2000, members of Securax in Belgium contacted
WatchGuard with details of a Denial of Service attack against our SOHO
class Fireboxes. Securax observed a low resource condition on the SOHO
that may lead to a system failure when a large number of web page
requests are sent to the management (HTTP) server on the SOHO itself.
The typical and recommended configuration for the SOHO is that these
pages only be available from the trusted network.
We are in contact with Securax and are trying to reproduce the
symptoms that they observed. Once the problem has been characterized
and resolved, WatchGuard will distribute the resolution to its
customers and post a notice of resolution to this forum. If you have
any information that may be pertinent to this investigation, please
forward it to
mailto:steve.fallin@watchguard.com
Sincerely
Steve Fallin
Director, Rapid Response Team
WatchGuard Technologies
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2
iQA/AwUBOjF7YU3Vi9lbkWzpEQKulQCg8+8pEu2pAdqeIGQK+/K/jSRXgk0Ani7S
h53u+KNYDMVLl5HePdQLG4Q7
=xiCV
-----END PGP SIGNATURE-----