Vulnerability Development mailing list archives
Re: Query
From: "Roland Postle" <mail () blazde co uk>
Date: Tue, 16 Jul 2002 20:54:31 +0100
Recently, whilst performing a Penetration Test I developed a Java script which, with the use of some tools, disables a well known personal
firewall.
This personal firewall was designed as is used so that the company can centrally control what Hosts and Networks a user can access via the use of profiles. Can you see what it is yet? Anyway, would you guys consider the ability to disable the firewall remotely a vulnerability or does it fall simply in the arena of technique in the use of already existing tools and vulnerabilities?
By 'disabling' do you mean disabling the filtering part of the firewall (thereby allowing all kinds of nasty traffic through) or knocking out the whole firewall with some kind of DoS attack? Regardless I'd say it's a vulnerability unless it requires knowing some kind of administrative password, in which case it's probably a 'feature'. Still, it might be a feature that makes the firewall less secure than is desirable. - Blazde