CVE-2002-0438
CVSS5.0
发布时间 :2002-07-26 00:00:00
修订时间 :2008-09-10 15:12:03
NMCOS    

[原文]ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewall's IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface.


[CNNVD]Zyxel Zywall10 伪造ARP报文远程拒绝服务漏洞(CNNVD-200207-130)

        
        Zywall10是一款由Zyxel开发和维护的硬件防火墙。
        Zywall10在处理特殊伪造ARP包时存在漏洞,可导致拒绝服务攻击。
        当发送IP地址为目标防火墙接收接口的IP地址而MAC地址是任意MAC地址的伪造ARP包给系统接口时,Zywall会使此接口关闭,而拒绝对其他服务进行通信,造成拒绝服务攻击。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/h:zyxel:zywall10:3.24_wa1
cpe:/h:zyxel:zywall10:3.50_wa1
cpe:/h:zyxel:zywall10:3.20_wa1
cpe:/h:zyxel:zywall10:3.24_wa0
cpe:/h:zyxel:zywall10:3.20_wa0
cpe:/h:zyxel:zywall10:3.24_wa2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0438
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0438
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200207-130
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/4272
(VENDOR_ADVISORY)  BID  4272
http://www.securityfocus.com/archive/1/261411
(VENDOR_ADVISORY)  BUGTRAQ  20020311 ZyXEL ZyWALL10 DoS
http://www.iss.net/security_center/static/8436.php
(VENDOR_ADVISORY)  XF  zyxel-zywall10-arp-dos(8436)
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0067.html
(UNKNOWN)  VULNWATCH  20020312 [VulnWatch] ZyXEL ZyWALL10 DoS
ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50%28WA.2%29C0_Standard.zip
(UNKNOWN)  MISC  ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50(WA.2)C0_Standard.zip

- 漏洞信息

Zyxel Zywall10 伪造ARP报文远程拒绝服务漏洞
中危 其他
2002-07-26 00:00:00 2005-10-20 00:00:00
远程  
        
        Zywall10是一款由Zyxel开发和维护的硬件防火墙。
        Zywall10在处理特殊伪造ARP包时存在漏洞,可导致拒绝服务攻击。
        当发送IP地址为目标防火墙接收接口的IP地址而MAC地址是任意MAC地址的伪造ARP包给系统接口时,Zywall会使此接口关闭,而拒绝对其他服务进行通信,造成拒绝服务攻击。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 暂时没有好的临时解决方法。
        厂商补丁:
        ZyXEL
        -----
        目前厂商已经发布了升级补丁以修复这个安全问题。
        升级程序下载:
        ZyXel Zywall10 0.0V3.50(WA.1):
        ZyXel Upgrade zywall10_V3.50(WA.2)C0_firmware_Standard_3.zip
        ftp://ftp.zyxel.com/download/public/firmware
        ZyXel Zywall10 0.0V3.24(WA.2):
        ZyXel Upgrade zywall10_V3.50(WA.2)C0_firmware_Standard_3.zip
        ftp://ftp.zyxel.com/download/public/firmware

- 漏洞信息

9981
ZyXEL ZyWALL Malformed ARP Packet DoS
Remote / Network Access Denial of Service
Loss of Availability
Exploit Public

- 漏洞描述

ZyXEL ZyWALL 10 contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker send a malformed ARP packet with an invalid MAC address and the IP address of the device, and will result in loss of availability for the LAN connection. The device must be restarted to regain normal functionality.

- 时间线

2002-03-11 Unknow
2002-03-11 Unknow

- 解决方案

Upgrade to version 3.50(WA.2) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Zyxel Zywall10 Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 4272
Yes No
2002-03-11 12:00:00 2009-07-11 11:56:00
Vulnerability discovery credited to Knud Erik Højgaard.

- 受影响的程序版本

ZyXEL Zywall10 3.50 (WA.2)
ZyXEL Zywall10 3.50 (WA.1)
ZyXEL Zywall10 3.24 (WA.2)
ZyXEL Zywall10 3.24 (WA.1)
ZyXEL Zywall10 3.24 (WA.0)
ZyXEL Zywall10 3.20 (WA.1)
ZyXEL Zywall10 3.20 (WA.0)
ZyXEL Zywall10 3.50 (WA.2)
ZyXEL Zywall10 3.50 (WA.1)

- 不受影响的程序版本

ZyXEL Zywall10 3.50 (WA.2)
ZyXEL Zywall10 3.50 (WA.1)

- 漏洞讨论

The Zywall10 is a hardware firewall appliance developed and distributed by Zyxel.

Under some circumstances, it may be possible to deny service to users of a Zyxel Zywall. When a spoofed arp packet is sent to an interface on the system with the IP address of the receiving interface, and an arbitrary MAC address, the Zywall puts the receiving interface in the down state. This could allow users capable of sending arp traffic to the firewall to prevent the firewall from passing traffic.

- 漏洞利用

This vulnerability may be exploited with one of numerous available tools.

- 解决方案

It has been reported that revision V3.50 fixes this issue.


ZyXEL Zywall10 3.24 (WA.2)

ZyXEL Zywall10 3.50 (WA.2)

ZyXEL Zywall10 3.50 (WA.1)

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站