Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
BID:18318
CVE-2006-2924 |Info
Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
| Bugtraq ID: | 18318 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 07 2006 12:00AM |
| Updated: | Jun 07 2006 09:47PM |
| Credit: | This issue was reported by the vendor. |
| Vulnerable: |
Ingate SIParator 4.3.4 Ingate SIParator 4.3.3 Ingate SIParator 4.3.2 Ingate SIParator 4.3.1 Ingate SIParator 4.3 Ingate SIParator 4.2.3 Ingate SIParator 4.2.2 Ingate SIParator 4.2.1 Ingate SIParator 3.3.1 Ingate SIParator 3.2.1 Ingate SIParator 3.2 Ingate SIParator 4.4 Ingate Firewalll 4.4 Ingate Firewall 4.3.4 Ingate Firewall 4.3.3 Ingate Firewall 4.3.2 Ingate Firewall 4.3.1 Ingate Firewall 4.3 Ingate Firewall 4.2 .3 Ingate Firewall 4.2 .2 Ingate Firewall 4.2 .1 Ingate Firewall 4.1.3 Ingate Firewall 3.3.1 Ingate Firewall 3.2.1 Ingate Firewall 3.2 |
| Not Vulnerable: |
Ingate SIParator 4.4.1 Ingate Firewall 4.4.1 |
Discussion
Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
Ingate Firewall and SIParator products are prone to a remote denial-of-service vulnerability.
This issue allows remote attackers to cause affected services to crash and restart, potentially denying service to legitimate users.
This vulnerability is exploitable only if SSL/TLS has been enabled in the SIP module or in the webserver.
Versions of Ingate Firewall and SIParator prior to 4.4.1 are vulnerable to this issue.
Ingate Firewall and SIParator products are prone to a remote denial-of-service vulnerability.
This issue allows remote attackers to cause affected services to crash and restart, potentially denying service to legitimate users.
This vulnerability is exploitable only if SSL/TLS has been enabled in the SIP module or in the webserver.
Versions of Ingate Firewall and SIParator prior to 4.4.1 are vulnerable to this issue.
Exploit / POC
Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
Solution:
The vendor has released version 4.4.1 of the affected products to address this issue. Please contact the vendor for further information on obtaining fixes.
Solution:
The vendor has released version 4.4.1 of the affected products to address this issue. Please contact the vendor for further information on obtaining fixes.
References
Ingate Firewall and SIParator Remote SSL/TLS Handshake Denial Of Service Vulnerability
References:
References: