[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Dos in Sonicwall SOHO firewall

Title: Dos in Sonicwall SOHO firewall
Released by: Raptor
Date: 29th November 2000
Printable version: Click here

i was just playing a bit with a Sonicwall SOHO firewall, to verify

performances and security of the product. I've noticed that using a

very long string (some hundreds of chars) as the User Name in the auth

page of the Sonicwall web server, the firewall reacts strangely: it

begins to refuse connections to the 80/tcp port and it stops routing

packets from the internal LAN. After about 30 seconds it apparently

returns normal.

I've verified this behaviour on Sonicwall SOHO firmware version 5.0.0, ROM

version 4.0.0. Anyway access to the configuration web server from the

external network is NOT enabled by default.

I contacted the vendor in the person of Todd Koopman 

and he said they already know that issue and they're going to fix it in

the next firmware release. I would like to thank him for the rapid

answer: i decided to post this vuln to BUGTRAQ 'cause i think customers

want to know the issue and eventually disable external access to the

Sonicwall web server. Also, some other similar products may be vulnerable

to the same bug.

I suggest the Sonicwall team to set up an e-mail account to receive

security reports about their products: i apologize if they already have

one, i wasn't able to find it on their website www.sonicwall.com.



Antifork Research, Inc. @ Mediaservice.net Srl

http://raptor.antifork.org http://www.mediaservice.net

(C) 1999-2000 All rights reserved.