Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

NSSI-2002-tpfw: Tiny Personal Firewall 3.0 Denial of Service Vulnerabilities

From: "Aaron Lu" <b45h3r () techie com>
Date: Tue, 20 Aug 2002 12:30:39 -0500
NSSI-Research Labs Security Advisory

http://www.nssolution.com (Ph)

"Maximum e-security"

http://nssilabs.nssolution.com

Tiny Personal Firewall 3.0 Denial of Service Vulnerabilities

Author: Aaron Tan Lu / b45h3r

e-Mail: aaron () nssolution com / b45h3r () techie com

Advisory Code: NSSI-2002-tpfw

Tested under Win2k Advance Server / WinNT 4.0

Vendor Status:  No Response for 1 1/2 weeks after the notice. They just informed us that they already gave notice to 
their Development team

Vendors website: http://www.tinysoftware.com

Severity: High

 

Overview

     Tiny Personal Firewall 3.0 is ideal for standalone computers or for trusted experienced users in corporate 
environment. It protects personal computers against network attacks, worms, trojans and viruses and manages the access 
of computer processes (programs) to computer resources (memory, files, devices). This was said on their web-site as it 
goes.  

Tiny Personal Firewall 3.0 for windows platform contains  Denial of Service vulnerabilities in its Personal Firewall 
Agent module specifically the activity logger tab. These vulnerabilities could allow an attacker to crash the operating 
system consuming 100% of your CPU resources. 

Details

1] DoS vulnerability with Tiny Personal Firewall 3.0 Default Installation

    - By simply portscanning the host with Tiny Personal Firewall 3.0 default install by sending multiple SYN, UDP,  
ICMP and TCP full Connect  through all its ports and as the user browses its Personal Firewall Agent module firewall 
Log tab.  The user can cause a crash to its own operating system by just clicking or viewing the Activity tab of the 
said module. 

Note: With WinNT 4.0 with Sp6a workaround is not possible.

2] IP spoofing and DoS vulnerability

    - It is quite similar to the first one but this vulnerability comes in with the fully configured Tiny Personal 
Firewall 3.0 and Setting up the personal firewall to HIGH Security. The Personal firewall is having problem blocking 
packets with Spoof source address <firewall's own IP address>.

Workaround:

1] Simply change the permission for the rules under System Applications on Inbound ICMP(LAN1) to ask user. 

2] This vulnerability has no work around. Even if you block all the IP addresses, protocols and ports, the Firewall 
will fail to handle the attack.

 

Any Questions? Suggestions? or Comments? let us know

e-mail: nssilabs () nssolution com / aaron () nssolution com / support () nssolution com

-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
Previous By Date Next
Previous By Thread Next

Current thread: