Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Device (Firewall)  >   Dell SonicWALL Vendors:   SonicWALL
SonicWALL Pro Can Be Crashed By Remote Users Due to Bug in Processing Large HTTP POST Requests
SecurityTracker Alert ID:  1006666
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Apr 29 2003
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): Pro, Version, ROM version
Description:   A denial of service vulnerability was reported in the SonicWALL Pro firewall device. A remote user can cause the device to reset.

It is reported that a remote user can send a large HTTP POST request to firewall's internal interface to cause the firewall to reset after approximately 15 to 20 seconds. The external interface was not tested.

According to the report, Nessus plugins #10012 and #100687 can trigger the flaw.

The vendor has reportedly been notified.

Impact:   A remote user can cause the firewall device to reset. A continued stream of attack packets could cause sustained denial of service conditions.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Exception handling error

Message History:   None.

 Source Message Contents

Subject:  SonicWall Pro DoS?

Came across an apparent problem on a SonicWall Pro running firmware 
version ROM version during a vulnerability assessment and 
couldn't find any other postings on this problem so fwiw.. the problem 
occurs when sending a large HTTP POST to the inside interface - may affect 
others just didn't test as the outside interface was blocked.  I was able 
to confirm this problem using two separate Nessus plugins (10012 and 
10687). The behavior of the firewall suggests a buffer overflow but since 
I'm not familiar with the internals of this system it's just a guess. 15-
20 seconds after sending the POST to the firewall the firewall goes 
through a reset cycle. This delay suggests to me a section of code that is 
being overwritten. At the very least, this is a Denial of Service problem. 
Vendor was notified of the problem.


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC