Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:3186
HistoryJul 09, 2002 - 12:00 a.m.

KPMG-2002030: Watchguard Firebox Dynamic VPN Configuration Protocol DoS

2002-07-0900:00:00
vulners.com
18
JSON

Title: Watchguard Firebox Dynamic VPN Configuration Protocol DoS

BUG-ID: 2002030
Released: 9th Jul 2002

Problem:

A malicious user can crash the Dynamic VPN Configuration Protocol
service (DVCP) by sending a malformed packet to the listener service
on TCP port 4110.

Vulnerable:

  • Watchguard Firebox firmware v5.x.x

Not Vulnerable:

  • Watchguard Firebox firmware v6.0.b1140

Product Description:

Quoted from the vendor webpage:

"The WatchGuardยฎ Firebox System is a powerful security solution that
gives small and medium sized businesses, central offices, and VPN
hubs integrated firewall protection and VPN support."

"About DVCP
DVCP is a WatchGuard client server protocol that securely transmits
IPSec VPN configuration information to WatchGuard Fireboxes. Network
administrators use WatchGuard software to define each configuration
aspect of the VPN, such as encryption algorithms and how often keys
will be negotiated, then the settings are stored on a centrally
located DVCP Server.When a Firebox is installed and initialized with
software and instructions, a software client on the Firebox contacts
the central DVCP server to obtain IPSec policy information using a
secure protocol."

Details:

The DVCP service can be crashed using anywhere between 1 and 400
packets of tab characters, followed by a CRLF. The firewall needs to
be rebooted for the DVCP service to function again.

Vendor URL:

You can visit the vendor webpage here: http://www.watchguard.com

Vendor response:

The vendor was notified on the 8th of May, 2002. On the 23rd of
May, 2002 the vendor notified us that the issue would be resolved
in the next version (6.x). On the 9th of July we verified that
the problem was resolved in the new firmware version.

Corrective action:

Upgrade to firmware version 6.x, available at the livesecurity
website. If you are not a subscriber to the livesecurity service,
please contact Watchguard support further assistance.

Authors:
Andreas Sandor ([email protected])
Peter Gründl ([email protected])

KPMG is not responsible for the misuse of the information we provide
through our security advisories. These advisories are a service to
the professional security community. In no event shall KPMG be lia-
ble for any consequences whatsoever arising out of or in connection
with the use or spread of this information.

JSON