Format String Vulnerability in WatchGuard Firebox and RSSA Appliances
CVE-2002-1519

Currently unrated

Key Information:

Vendor: Watchguard
Status: Firebox; Rapidstream
Vendor: CVE Published:; 2 April 2003

Summary

A format string vulnerability exists in the command-line interface (CLI) of WatchGuard Firebox Vclass devices and RSSA Appliances. This flaw allows attackers to utilize format string specifiers in the password parameter, potentially resulting in a denial of service and the execution of arbitrary code. Careful attention to input validation is necessary to mitigate this security risk.

References

http://archives.neohapsis.com/archives/bugtraq/2002-09/03...

mailing-listx_refsource_BUGTRAQ

http://archives.neohapsis.com/archives/bugtraq/2002-09/03...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/10217.php

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Apr 2, 2003
Vulnerability Reserved
Feb 23, 2003