多家厂商PC防火墙自动阻挡操作远程拒绝服务攻击漏洞

多家厂商PC防火墙自动阻挡操作远程拒绝服务攻击漏洞

漏洞ID 1107034 漏洞类型 配置错误
发布时间 2002-10-08 更新时间 2002-12-31
图片[1]-多家厂商PC防火墙自动阻挡操作远程拒绝服务攻击漏洞-安全小百科CVE编号 CVE-2002-2336
图片[2]-多家厂商PC防火墙自动阻挡操作远程拒绝服务攻击漏洞-安全小百科CNNVD-ID CNNVD-200212-557
漏洞平台 Windows CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/21915
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-557
|漏洞详情
很多PC防火墙具有对恶意攻击自动阻挡功能。多家厂商的PC防火墙的自动阻挡功能存在设计问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击。在默认安装的情况下,多种个人防火墙软件拥有自动阻挡(auto-block)功能,它能对恶意攻击的源地址进行自动阻挡,如果攻击者以伪造地址向个人防火墙发送一种高危险级别的攻击,这些防火墙会自动的不进行任何调协的情况下阻挡这个IP地址,这样如果发送大量包含不同IP地址的伪造包,可导致远程PC防火墙系统阻挡大量Internet地址。
|漏洞EXP
source: http://www.securityfocus.com/bid/5917/info

A weakness has been reported in some PC Firewall packages that could allow remote denial of service attacks. The problem is in the handling of spoofed traffic.

Under some circumstances, it is possible for remote users to deny service to various sites for users of PC Firewall software. By sending spoofed traffic that could be deemed malicious by the firewall software package, an attacker could effectively limit the sites a system is capable of reaching.

hping -e 13 -d 2 -s 6000 -p 2140 -2 host1.example.com -c 2 -a host2.example.com
|参考资料

来源:BID
名称:5917
链接:http://www.securityfocus.com/bid/5917
来源:XF
名称:firewall-autoblock-spoofing-dos(10314)
链接:http://www.iss.net/security_center/static/10314.php
来源:BUGTRAQ
名称:20021008MultipleVendorPCfirewallremotedenialofservicesVulnerability
链接:http://online.securityfocus.com/archive/1/294411
来源:BUGTRAQ
名称:20021008Re:MultipleVendorPCfirewallremotedenialofservicesVulnerability
链接:http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html
来源:NSFOCUS
名称:3634
链接:http://www.nsfocus.net/vulndb/3634

相关推荐: Linux cwdtools Vulnerabilities

Linux cwdtools Vulnerabilities 漏洞ID 1104474 漏洞类型 Unknown 发布时间 1999-10-22 更新时间 1999-10-22 CVE编号 N/A CNNVD-ID N/A 漏洞平台 N/A CVSS评分 N/…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享