April 6, 2001

WatchGuard Firebox II kernel DoS vulnerability

Author: JT Smith

From net-security.org: The Linux-based kernel in the WatchGuard Firebox has
problems handling certain types of malformed packets. If
the firewall is subjected to a burst of around 10,000 of
these packets, it will cause a kernel fault and either
crash or reboot.

Both TCP and ICMP are affected by this, and the burst rate
needed to achieve a kernel fault was about one megabit in
our test lab, which isn't that uncommon these days.


