Title: Raptor Firewall Zero Length UDP Packet Resource Consumption Vulnerability
Severity: MODERATE
Description:
Raptor Firewall is a commercially available firewall implementation distributed by Symantec.
A problem with the firewall implementation could allow a user to deny service to legitimate users of network resources. The problem is in the handling of certain types of UDP packets.
Raptor uses various modules to proxy TCP/IP traffic across the firewall machine. These modules allow the firewall to perform content filtering and to filter undesired traffic.
When Raptor receives numerous zero-length UDP packets, the machine hosting the firewall becomes processor bound. The firewall consumes 100 percent of CPU resources, and the machine becomes unresponsive. This results in a denial of service to legitimate users of network resources on either side of the firewall.
A reboot is required to resume normal system operation.
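For detection upstream of an affected firewall, the following added example (not part of the original advisory or of any Symantec code) flags sources that send a burst of UDP datagrams whose length field covers only the 8-byte header. The threshold, window, function names and sample addresses are assumptions chosen for illustration; the advisory only says "numerous".

```python
import socket
import struct
from collections import defaultdict, deque

UDP_PROTO, UDP_HEADER_LEN = 17, 8

def zero_length_udp_source(packet):
    """Return the source IP if raw IPv4 `packet` is a UDP datagram with no payload, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != UDP_PROTO or len(packet) < ihl + UDP_HEADER_LEN:
        return None
    # Non-first fragments carry no UDP header, so they cannot be classified here.
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return None
    udp_len = struct.unpack("!H", packet[ihl + 4:ihl + 6])[0]
    return socket.inet_ntoa(packet[12:16]) if udp_len == UDP_HEADER_LEN else None

def flag_sources(events, threshold=100, window=1.0):
    """events: (timestamp_seconds, raw_ipv4_bytes) pairs in time order.
    Returns sources with >= threshold empty UDP datagrams inside `window` seconds
    (both defaults are assumed values, tune them to the monitored link)."""
    recent, flagged = defaultdict(deque), set()
    for ts, pkt in events:
        src = zero_length_udp_source(pkt)
        if src is None:
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:   # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(src)
    return flagged

def sample_packet(src, payload=b""):
    """Constructed test data: minimal IPv4+UDP packet, checksums left at zero."""
    udp = struct.pack("!HHHH", 40000, 53, UDP_HEADER_LEN + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, UDP_PROTO, 0,
                     socket.inet_aton(src), socket.inet_aton("192.0.2.1"))
    return ip + udp

if __name__ == "__main__":
    events = [(i * 0.001, sample_packet("198.51.100.7")) for i in range(500)]
    events += [(i * 0.1, sample_packet("203.0.113.9", b"query")) for i in range(50)]
    print(flag_sources(sorted(events, key=lambda e: e[0])))
```

UDP source addresses can be forged, so the aggregate rate of empty datagrams reaching the firewall is worth tracking alongside the per-source count.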
Affected Products:
- Symantec Raptor Firewall 4.0.0.0 HP-UX
- Symantec Raptor Firewall 5.0.3 Windows NT
- Symantec Raptor Firewall 6.0.2 Solaris
- Symantec Raptor Firewall 6.0.2 Windows NT
- Symantec Raptor Firewall 6.0.3 HP-UX
- Symantec Raptor Firewall 6.5.0 Windows NT
- Symantec VelociRaptor 1.0.0
- Symantec VelociRaptor 1.1.0
References:
- Remote-Exploit.org