NetScreen Firewall Denial of Service Vulnerability
BID:2176
Info
NetScreen Firewall Denial of Service Vulnerability
| Bugtraq ID: | 2176 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jan 08 2001 12:00AM |
| Updated: | Jan 08 2001 12:00AM |
| Credit: | Discovered and posted to Bugtraq by Nsfocus Security Team <[email protected]> on Jan 9, 2001. |
| Vulnerable: |
NetScreen ScreenOS 2.10 r3 NetScreen ScreenOS 2.5 r1 NetScreen ScreenOS 2.1 r6 NetScreen ScreenOS 1.73 r1 |
| Not Vulnerable: |
NetScreen ScreenOS 2.10 r4 NetScreen ScreenOS 2.5 r2 NetScreen ScreenOS 2.1 r7 NetScreen ScreenOS 1.73 r2 |
Discussion
NetScreen Firewall Denial of Service Vulnerability
NetScreen Firewall is a network appliance used to secure against intruders and various types of attacks to a network. NetScreen has a Web administrative Interface (WebUI) used to configure and set the firewall settings.
It is possible to cause a denial of service in NetScreen Firewall. Requesting an unusually long URL to WebUI listening on default port 80, will cause the firewall to crash. A restart of the service is required in order to gain normal functionality.
NetScreen Firewall is a network appliance used to secure against intruders and various types of attacks to a network. NetScreen has a Web administrative Interface (WebUI) used to configure and set the firewall settings.
It is possible to cause a denial of service in NetScreen Firewall. Requesting an unusually long URL to WebUI listening on default port 80, will cause the firewall to crash. A restart of the service is required in order to gain normal functionality.
Solution / Fix
NetScreen Firewall Denial of Service Vulnerability
Solution:
NetScreen has release a fix for this issue:
http://www.netscreen.com/support/updates.html
Solution:
NetScreen has release a fix for this issue:
http://www.netscreen.com/support/updates.html