Tiny PF 3.0 anfälligThema ist geschlossen! |
||
|---|---|---|
Thema ist geschlossen! |
||
| #0
| ||
|
21.08.2002, 19:37
Ajax
zu Gast
|
||
 
|
|
|
|
21.08.2002, 20:05
Ehrenmitglied
 Beiträge: 2283 |
#2
Ähm, ich verweise mal auf: http://board.protecus.de/t925.htm und schließe hier!
R. __________ powered by http://different-thinking.de - Netze, Protokolle, Sicherheit, ... |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
From Bugtraq:
Overview
Tiny Personal Firewall 3.0 is ideal for standalone computers or for trusted experienced users in corporate environment. It protects personal computers against network attacks, worms, trojans and viruses and manages the access of computer processes (programs) to computer resources (memory, files, devices). This was said on their web-site as it goes.
Tiny Personal Firewall 3.0 for windows platform contains Denial of Service vulnerabilities in its Personal Firewall Agent module specifically the activity logger tab. These vulnerabilities could allow an attacker to crash the operating system consuming 100% of your CPU resources.
Details
1] DoS vulnerability with Tiny Personal Firewall 3.0 Default Installation
- By simply portscanning the host with Tiny Personal Firewall 3.0 default install by sending multiple SYN, UDP, ICMP and TCP full Connect through all its ports and as the user browses its Personal Firewall Agent module firewall Log tab. The user can cause a crash to its own operating system by just clicking or viewing the Activity tab of the said module.
Note: With WinNT 4.0 with Sp6a workaround is not possible.
2] IP spoofing and DoS vulnerability
- It is quite similar to the first one but this vulnerability comes in with the fully configured Tiny Personal Firewall 3.0 and Setting up the personal firewall to HIGH Security. The Personal firewall is having problem blocking packets with Spoof source address .
Workaround:
1] Simply change the permission for the rules under System Applications on Inbound ICMP(LAN1) to ask user.
2] This vulnerability has no work around. Even if you block all the IP addresses, protocols and ports, the Firewall will fail to handle the attack.
---------------------------------------
sorry because in englisch
Gruß
Ajax