PT-2003-1252 · Watchguard · Watchguard Rssa Appliance+1

Published

2003-04-02

Updated

2008-09-05

CVE-2002-1519

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WatchGuard Firebox Vclass versions 3.2 and earlier WatchGuard RSSA Appliance version 3.0.2

Description The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter. This is a result of a format string vulnerability in the CLI interface.

Recommendations For WatchGuard Firebox Vclass versions 3.2 and earlier, update to a version later than 3.2 to resolve the issue. For WatchGuard RSSA Appliance version 3.0.2, update to a version later than 3.0.2 to resolve the issue. As a temporary workaround, consider restricting access to the CLI interface to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1519

Affected Products

Watchguard Firebox Vclass

Watchguard Rssa Appliance

PT-2003-1252 · Watchguard · Watchguard Rssa Appliance+1

CVE-2002-1519

Related Identifiers

Affected Products

References · 6