Denial of Service in Watchguard Firebox VPN Service
CVE-2002-1046

Currently unrated

Key Information:

Vendor: Watchguard
Status: Soho Firewall; Firebox
Vendor: CVE Published:; 4 October 2002

Summary

The Dynamic VPN Configuration Protocol (DVCP) service in Watchguard Firebox firmware version 5.x.x is susceptible to a denial of service vulnerability. Attackers can exploit this weakness by sending specially crafted packets containing tab characters to TCP port 4110, which may lead to a crash of the affected system. This flaw highlights the importance of ensuring that networks are protected against malformed input that could disrupt service availability.

References

http://www.iss.net/security_center/static/9509.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/5186

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/...

mailing-listx_refsource_VULNWATCH

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 27, 2002