J-Security Center

Title: Watchguard FireboxII Password Retrieval Vulnerability

Severity: HIGH

Description:

FireboxII is a firewall package available from WatchGuard Technologies. FireboxII systems are developed in various sizes and strengths, and are available in different models to fit enterprise needs.

A problem with the firmware may allow remote users with read-only access to gain elevated privileges. The problem lies in how the FireboxII system handles passwords. A user with read-only access to the firewall can initiate an SSL connection through the proprietary libraries included with the administration tools. After connecting and executing the MPF command, the user can retrieve the binary /var/lib/mpf/keys.gz from flash memory, which contains the hashed read-only and read-write passwords. A remote user can then initiate connections through the library, using the hashed read-write password to modify the configuration. This makes it possible for a user with malicious motives to gain control of the firewall and allow access to resources that may be restricted, or potentially deny service to the network.
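
The root of the issue described above is that the stored read-write hash is accepted as a credential by itself, so reading the key file is equivalent to knowing the password. The following is an added example, not code from the advisory or from WatchGuard: the class names and the SHA-256 and PBKDF2 choices are assumptions (the advisory does not describe the real hash format or protocol), used to model that design beside one where a leaked stored value cannot be replayed.

```python
import hashlib
import hmac
import os

# Constructed model, NOT WatchGuard's protocol: two ways a management
# service can check the read-write passphrase.

def client_hash(password: str) -> bytes:
    """Value a hash-sending client puts on the wire (assumed SHA-256)."""
    return hashlib.sha256(password.encode()).digest()

class HashEquivalentAuth:
    """Flawed design: the stored value is exactly what the client sends."""
    def __init__(self, rw_password: str):
        self.stored = client_hash(rw_password)  # contents of the key file

    def login(self, wire_value: bytes) -> bool:
        return hmac.compare_digest(wire_value, self.stored)

class VerifierAuth:
    """Hardened design: the client sends the passphrase inside the encrypted
    session; the server keeps only a salted, slow verifier derived from it."""
    def __init__(self, rw_password: str):
        self.salt = os.urandom(16)
        self.stored = self._derive(rw_password.encode())

    def _derive(self, secret: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", secret, self.salt, 100_000)

    def login(self, wire_value: bytes) -> bool:
        # Whatever arrives is run through the KDF again, so presenting the
        # stored verifier itself does not reproduce the stored verifier.
        return hmac.compare_digest(self._derive(wire_value), self.stored)

def replay_results(rw_password: str = "constructed-sample-passphrase"):
    """Return (flawed accepts leaked value, hardened accepts leaked value,
    hardened accepts the real passphrase)."""
    flawed = HashEquivalentAuth(rw_password)
    hardened = VerifierAuth(rw_password)
    return (
        flawed.login(flawed.stored),
        hardened.login(hardened.stored),
        hardened.login(rw_password.encode()),
    )

if __name__ == "__main__":
    print(replay_results())
```

Even in the hardened design the verifier file should not be readable by the read-only role, because a leaked verifier still permits offline password guessing.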

Affected Products:

  • WatchGuard FireboxII Firmware 4.0.0
  • WatchGuard FireboxII Firmware 4.1.0
  • WatchGuard FireboxII Firmware 4.2.0
  • WatchGuard FireboxII Firmware 4.3.0
  • WatchGuard FireboxII Firmware 4.4.0
  • WatchGuard FireboxII Firmware 4.5.0
