https://cxsecurity.com/issue/WLB-2007100112
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-374

SonicWALLPRO是功能齐全的互联网安全设备，专门为满足具有不断增长的VPN需要的大型网络而设计。SonicWALLPro防火墙在处理发送给内部接口的不寻常超大HTTPPOST请求存在问题，远程攻击者可以利用这个漏洞对设备进行拒绝服务攻击。此问题可能是由于缓冲区溢出原因造成，不过没有得到证实。

Came across an apparent problem on a SonicWall Pro running firmware

version 6.4.0.1 ROM version 5.0.1.0 during a vulnerability assessment and

couldn't find any other postings on this problem so fwiw.. the problem

occurs when sending a large HTTP POST to the inside interface - may affect

others just didn't test as the outside interface was blocked.  I was able

to confirm this problem using two separate Nessus plugins (10012 and

10687). The behavior of the firewall suggests a buffer overflow but since

I'm not familiar with the internals of this system it's just a guess. 15-

20 seconds after sending the POST to the firewall the firewall goes

through a reset cycle. This delay suggests to me a section of code that is

being overwritten. At the very least, this is a Denial of Service problem.

Vendor was notified of the problem.

来源:XF
名称:sonicwallpro-http-post-dos(11876)
链接:http://xforce.iss.net/xforce/xfdb/11876
来源:BID
名称:7435
链接:http://www.securityfocus.com/bid/7435
来源:BUGTRAQ
名称:20030424SonicWallProDoS?
链接:http://www.securityfocus.com/archive/1/319712
来源:SREASON
名称:3291
链接:http://securityreason.com/securityalert/3291
来源：NSFOCUS
名称：4747
链接：http://www.nsfocus.net/vulndb/4747