Zyxel Zywall10 Denial Of Service Vulnerability

The Zywall10 is a hardware firewall appliance developed and distributed by Zyxel.

Under some circumstances, it may be possible to deny service to users of a Zyxel Zywall. When a spoofed arp packet is sent to an interface on the system with the IP address of the receiving interface, and an arbitrary MAC address, the Zywall puts the receiving interface in the down state. This could allow users capable of sending arp traffic to the firewall to prevent the firewall from passing traffic.


 

Privacy Statement
Copyright 2010, SecurityFocus