Vulnerability

    Guardian

Affected

    Guardian firewall

Description

    Bjarne Carlsen found  following.  The  following scenario has  led
    to a hung  firewall, and consequently  no access to  the internet.
    Tested machine  was Acer  4100 PIII  350Mhz, Inside  NIC: HP 2585A
    100 Mbit/s VG, Outside NIC: HP 2573 10 Mbit/s.  Connections inside
    was private 10/100  VG corporate network  192.168.0.0/255.255.0.0.
    Outside:  10  Mbit/s  public  1.1.1.0/255.255.255.254.0, 10 Mbit/s
    public  2.2.2.0/255.255.255.240  2  Mbit/s  "  the  rest  of   the
    internet".  Software:  Win NT WKST 4.0 SP 5 and Guardian 4.11.

    Attack:

    1. TELNET through firewall to any host  supporting a line  editor,
       (in this example a LINUX-box was used).
    2. VI xxx.txt where xxx.txt > 1000 lines.
    3. Scroll down by pressing and holding the down-arrow key.
    4. After 10-15 seconds of scrolling the firewall stops responding,
       neccesitating a reload of strategies to continue operation.

Solution

    Nothing yet.