TUCoPS :: Network Appliances :: swall2.htm

SonicWALL SOHO firewall Buffer Overflow

    Sonicwall SOHO firewall


    Sonicwall SOHO firewall


    'Raptor'  found  following.   He  noticed  that  using a very long
    string (some hundreds of chars) as the User Name in the auth  page
    of the  Sonicwall web  server, the  firewall reacts  strangely: it
    begins  to  refuse  connections  to  the  80/tcp port and it stops
    routing packets from the internal  LAN. After about 30 seconds  it
    apparently returns normal.

    'Raptor'  verified  this  behaviour  on  Sonicwall  SOHO  firmware
    version  5.0.0,  ROM   version  4.0.0.    Anyway  access  to   the
    configuration web server from the external network is NOT  enabled
    by default.

    Doing some  additional tests  'Raptor' discovered  that the  thing
    reboots  also  when  it  receives  "strange"  HTTP  requests.  For

        voodoo:~$ telnet 80
        Connected to
        Escape character is '^]'.
        (then press <CR>)

    It works also with POST  method: after some seconds the  Sonicwall
    SOHO is rebooted.


    SonicWALL,  Inc.  has  released  a  firmware patch to address this
    issue.  To receive  this firmware patch, please  contact SonicWALL
    support     (http://techsupport.sonicwall.com/swtech.html)     and
    reference bugtraq id 2013.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH