DOS issue in Astaro Version 7 packet filter reporting, POSSIBLE security issue in POP3 proxy

[William Warren <hescominsoon () emmanuelcomputerconsulting com>]

I have details about the DOS issue on my blog with links to the Astaro 
forums.

http://www.hescominsoon.com/archives/773

Version affected:
ALL Version 7 systems.

This is easily reproducible.  Just setup a BT client behind the astaro 
and do not setup a packetfilter and NAT rule for the BT traffic.  This 
way all the incoming return traffic is blocked.  Go download something 
like the Centos DVD torrent.  Some machine(like mine) are easy to bring 
down.  Others take a time longer.  The pfilter-repoter.pl file will peg 
the cpu for an exorbitant amount of time.  Before 7.006 it would take 
the machine offline.  7.006 partially mitigates in my testing but not fully.


For the pop3 Proxy if you set an attachment size limit, any attachments 
over that size are NOT scanned and allowed to pass through instead of 
being quarantined.

These are not critical events but are issues nonetheless.



--
My "Foundation" verse:
Isa 54:17  No weapon that is formed against thee shall prosper; and 
every tongue that shall rise against thee in judgment thou shalt 
condemn. This is the heritage of the servants of the LORD, and their 
righteousness is of me, saith the LORD.

-- carpe ductum -- "Grab the tape"
CDTT (Certified Duct Tape Technician)

Linux user #322099
Machines:
206822
256638
276825
http://counter.li.org/