J-Security Center

Title: Watchguard Firebox II FTP Proxy DoS Vulnerability

Severity: MODERATE

Description:

The Watchguard Firebox II is a popular hardware-based firewall.

A vulnerability exists in the Firebox II that could allow a remote attacker to launch a Denial of Service attack against the FTP proxy of the firewall. If an attacker is able to connect to the FTP proxy and launch a connection flood, the proxy and the port the service is running on will hang and, in the process, shut down all other services on the firewall. After a successful attack, CPU utilization reaches 100% and the firewall has to be rebooted.

It should be noted that for an external attack to be successful, the FTP Proxy must be enabled on the untrusted interface (it is not enabled by default on the untrusted interface).
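One way to spot the connection flood described above in connection logs, shown as an added example that is not part of the original advisory or any WatchGuard tooling. The log line format, the interface name "external", the 10-second window and the threshold of 20 connections are assumptions; the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log format (NOT WatchGuard's): "<ISO time> in=<iface> src=<ip> dport=<port>"
LINE_RE = re.compile(r"^(\S+) in=(\S+) src=(\S+) dport=(\d+)$")
FTP_PORT = 21
WINDOW = timedelta(seconds=10)  # assumed sliding window
THRESHOLD = 20                  # assumed max new connections per source per window


def find_flood_sources(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {source: peak connections seen in one window} for sources over threshold.

    Only connections to the FTP port arriving on the untrusted ("external")
    interface are counted. Each source's lines are assumed to be in time order.
    """
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that do not parse
        ts, iface, src, dport = m.groups()
        if int(dport) != FTP_PORT or iface != "external":
            continue
        now = datetime.fromisoformat(ts)
        q = recent[src]
        q.append(now)
        while now - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        if len(q) > threshold:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks


def sample_log():
    """Constructed sample: one flooding source, one normal client, one internal burst."""
    base = datetime(2001, 1, 1, 12, 0, 0)
    fmt = "{} in={} src={} dport=21"
    lines = [fmt.format((base + timedelta(milliseconds=100 * i)).isoformat(timespec="milliseconds"),
                        "external", "203.0.113.7") for i in range(60)]
    lines += [fmt.format((base + timedelta(seconds=30 * i)).isoformat(timespec="milliseconds"),
                         "external", "198.51.100.20") for i in range(5)]
    lines += [fmt.format((base + timedelta(milliseconds=50 * i)).isoformat(timespec="milliseconds"),
                         "trusted", "192.0.2.44") for i in range(40)]
    return lines


if __name__ == "__main__":
    print(find_flood_sources(sample_log()))
```

The window and threshold need tuning against normal FTP traffic for the site before the result is used for alerting.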

Affected Products:

  • WatchGuard Firebox II 4.1.0
  • WatchGuard Firebox II 4.5.0
