US-CERT Vulnerability Notes Database

WatchGuard Information for VU#471084

Date Notified:
Date Updated:
Statement Date:
Status Summary: Vulnerable

Vendor Statement

We have done further analysis in conjunction w/ the reporter and have found the following.

Our earlier tests conducted with a tool supplied by the reporter indicated that the information leak was limited to 18 bytes every 30 seconds. We have done further analysis in conjunction w/ the reporter using a different tool and have found the following:

Each instance of an attack would generate a copy of whatever was in the affected buffer. Unless the size of the ICMP payload changes from request to request, it'll copy the same address in memory over and over again, sending out whatever happens to be in that buffer at that instant. In our testing we observed that much of the data being leaked is the same. As the size of the payload changes, so does the address range within this buffer that the vulnerability affects.

We expect to have the fix available to customers by August 6th through WatchGuard's regular software distribution channels.

Please direct any questions regarding this or any other security issue with WatchGuard products to


Steve Fallin
Director, Rapid Response Team
WatchGuard Technologies, Inc.
++++++++++++++++++++++++++
http://www.watchguard.com
mailto:steve.fallin@watchguard.com

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization