Published: 2002-07-26 00:00:00
Revised: 2008-09-10 15:12:03

[Original text] ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewall's IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface.

[CNNVD] Zyxel Zywall10 Spoofed ARP Packet Remote Denial of Service Vulnerability (CNNVD-200207-130)


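- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause reduced performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions for exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]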

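- CPE (affected platforms and products)


- OVAL (technical details for detection)


- Official database links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other links and resources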
(VENDOR_ADVISORY)  XF  zyxel-zywall10-arp-dos(8436)
(UNKNOWN)  VULNWATCH  20020312 [VulnWatch] ZyXEL ZyWALL10 DoS

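- Vulnerability information

Zyxel Zywall10 Spoofed ARP Packet Remote Denial of Service Vulnerability
Medium severity Other
2002-07-26 00:00:00 2005-10-20 00:00:00

- Advisories and patches

        * No good temporary workaround is currently available.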
        ZyXel Zywall10 0.0V3.50(WA.1):
        ZyXel Upgrade zywall10_V3.50(WA.2)
        ZyXel Zywall10 0.0V3.24(WA.2):
        ZyXel Upgrade zywall10_V3.50(WA.2)

- Vulnerability information

ZyXEL ZyWALL Malformed ARP Packet DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Public

- Vulnerability description

ZyXEL ZyWALL 10 contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a malformed ARP packet with an invalid MAC address and the IP address of the device, and will result in loss of availability for the LAN connection. The device must be restarted to regain normal functionality.

- Timeline

2002-03-11 Unknown
2002-03-11 Unknown

- Solution

Upgrade to version 3.50(WA.2) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related references

- Vulnerability author

- Vulnerability information

Zyxel Zywall10 Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 4272
Yes No
2002-03-11 12:00:00 2009-07-11 11:56:00
Vulnerability discovery credited to Knud Erik Højgaard.

- Affected versions

ZyXEL Zywall10 3.50 (WA.2)
ZyXEL Zywall10 3.50 (WA.1)
ZyXEL Zywall10 3.24 (WA.2)
ZyXEL Zywall10 3.24 (WA.1)
ZyXEL Zywall10 3.24 (WA.0)
ZyXEL Zywall10 3.20 (WA.1)
ZyXEL Zywall10 3.20 (WA.0)
ZyXEL Zywall10 3.50 (WA.2)
ZyXEL Zywall10 3.50 (WA.1)

- Unaffected versions

ZyXEL Zywall10 3.50 (WA.2)
ZyXEL Zywall10 3.50 (WA.1)

- Vulnerability discussion

The Zywall10 is a hardware firewall appliance developed and distributed by Zyxel.

Under some circumstances, it may be possible to deny service to users of a Zyxel Zywall. When a spoofed ARP packet is sent to an interface on the system with the IP address of the receiving interface and an arbitrary MAC address, the Zywall puts the receiving interface in the down state. This could allow users capable of sending ARP traffic to the firewall to prevent the firewall from passing traffic.

- Exploitation

This vulnerability may be exploited with one of numerous available tools.

- Solution

It has been reported that revision V3.50 fixes this issue.

ZyXEL Zywall10 3.24 (WA.2)

ZyXEL Zywall10 3.50 (WA.2)

ZyXEL Zywall10 3.50 (WA.1)

- Related references