SonicWALL Pro HTTP POST远程拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1202882 漏洞类型 输入验证
发布时间 2003-04-25 更新时间 2003-12-31
CVE编号 CVE-2003-1490 CNNVD-ID CNNVD-200312-374
漏洞平台 N/A CVSS评分 7.8
|漏洞来源
https://cxsecurity.com/issue/WLB-2007100112
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-374
|漏洞详情
SonicWALLPRO是功能齐全的互联网安全设备,专门为满足具有不断增长的VPN需要的大型网络而设计。SonicWALLPro防火墙在处理发送给内部接口的不寻常超大HTTPPOST请求存在问题,远程攻击者可以利用这个漏洞对设备进行拒绝服务攻击。此问题可能是由于缓冲区溢出原因造成,不过没有得到证实。
|漏洞EXP


Came across an apparent problem on a SonicWall Pro running firmware

version 6.4.0.1 ROM version 5.0.1.0 during a vulnerability assessment and

couldn't find any other postings on this problem so fwiw.. the problem

occurs when sending a large HTTP POST to the inside interface - may affect

others just didn't test as the outside interface was blocked.  I was able

to confirm this problem using two separate Nessus plugins (10012 and

10687). The behavior of the firewall suggests a buffer overflow but since

I'm not familiar with the internals of this system it's just a guess. 15-

20 seconds after sending the POST to the firewall the firewall goes

through a reset cycle. This delay suggests to me a section of code that is

being overwritten. At the very least, this is a Denial of Service problem.

Vendor was notified of the problem.
|参考资料

来源:XF
名称:sonicwallpro-http-post-dos(11876)
链接:http://xforce.iss.net/xforce/xfdb/11876
来源:BID
名称:7435
链接:http://www.securityfocus.com/bid/7435
来源:BUGTRAQ
名称:20030424SonicWallProDoS?
链接:http://www.securityfocus.com/archive/1/319712
来源:SREASON
名称:3291
链接:http://securityreason.com/securityalert/3291
来源:NSFOCUS
名称:4747
链接:http://www.nsfocus.net/vulndb/4747