Watchguard Firebox II FTP Proxy DoS Vulnerability

The Watchguard Firebox II is a popular hardware based firewall.

A vulnerability exists in the Firebox II that could allow a remote attacker to launch a Denial of Service attack against the FTP proxy of the firewall. If an attacker is able to connect to the FTP proxy and launch a connection flood, the proxy and the port the service is running on will hang and in the process, shutdown all other services on the firewall. Upon a successful attack, CPU utilization will become 100% and the firewall will have to be rebooted.

It should be noted that for an external attack to be successful, the FTP Proxy must be enabled on the untrusted interface (it is not enabled by default on the untrusted interface).


Privacy Statement
Copyright 2010, SecurityFocus