[LWN Logo]
[Timeline]
Date:         Wed, 22 Nov 2000 19:54:32 -0800
From: Steve Fallin <Steve.Fallin@WATCHGUARD.COM>
Subject:      Re: Possible WatchGuard Firebox II DoS
To: BUGTRAQ@SECURITYFOCUS.COM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


November 22, 2000

On November 16, Bugtraq received a report and exploit code of a Denial
of Service (DoS) attack against the WatchGuard LiveSecurity System
(version 4.5 and previous). WatchGuard investigated the author's claim
and verified the vulnerability. WatchGuard alerted all customers on
November 17, noting that a fix would follow soon. The supported fix is
now available and has been broadcast to all current LiveSecurity
Subscribers. For more information please see
https://www.watchguard.com/support/patches.html

Sincerely,
Steve Fallin
Director, Rapid Response Team
WatchGuard Technologies, Inc.






- -----Original Message-----
From: Steve Fallin
Sent: Friday, November 17, 2000 3:12 PM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: RE: Possible WatchGuard Firebox II DoS


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On November 16, Bugtraq received a report and exploit code of a Denial
of Service (DoS) attack against the WatchGuard LiveSecurity System.

WatchGuard contacted the author of the report, and has since confirmed
that the Firebox does not properly handle resource exhaustion of some
proxied services (including FTP). Such a DoS may render some functions
of the firewall inoperable until it is rebooted. The DoS does not,
however, cause a security breach. Also, packet filtered traffic is
unaffected.

WatchGuard is currently testing a fix. The fix is expected to be
available early in the week of November 20th.

When the fix is published, current subscribers to our LiveSecurity
Service will receive a broadcast containing the fix and will be able
to download it from their personalized Web site at
https://www.watchguard.com/support. For more information on
WatchGuard's LiveSecurity Service, visit our Web site at
http://www.watchguard.com/products/wgls.html.

Sincerely,
Steve Fallin
Director, Rapid Response Team
WatchGuard Technologies, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2

iQA/AwUBOhW7O03Vi9lbkWzpEQLhMACgrD1YDcKkyY5SinmHsvsKaHws7xYAoMJp
UrUyqXk7TtoY2godaSn94rQw
=V1RE
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2

iQA/AwUBOhyVbk3Vi9lbkWzpEQLf0wCfauoYHC9XAxZaORXaRza8N9S7qEYAn10B
0HnJdxYI+byfLnQ0qTucL3ph
=MSgn
-----END PGP SIGNATURE-----