Sending subsequent requests with invalid data to the Firewall's SQL Gateway results in an immediate crash. The firewall will not accept any further connections on any SQL Gateway that is defined in the rule base.
Credit:
The information has been provided by Oliver Heinz.
An investigation of a problem with the SQL Gateway showed that the sql-gw process can easily be crashed on any Gauntlet firewall by simply connecting to it.
Recreation:
Try the following (_very_ basic) script, using your firewall's IP instead of aaa.bbb.ccc.ddd, with sql-gw running at the standard port 1521:
for a in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
do
telnet aaa.bbb.ccc.ddd 1521
done
You will see that the last attempt to connect (#17) results in "Connection refused" and that the "sql-gw" process is no longer running on the firewall. A DoS against Gauntlet is very easy.
This is especially unpleasant, as Gauntlet is one of the few major firewall products that provide true application-level security _and_ have a dedicated application proxy for SQL (sql-net 1 + 2).
In fact, many companies use Gauntlet specifically to protect database servers.
Vendor status:
Secure Computing, as vendor of Gauntlet, could reproduce the DoS; patches or bug fixes are not yet available.
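
Detection example:
The burst of connections to port 1521 described under Recreation can be watched for in connection logs. The script below is an added example, not part of the original advisory or of any vendor code; the log format, the BURST threshold and the WINDOW length are assumptions made for the example.

```sh
#!/bin/sh
# Added example: flag sources that open a burst of connections to the
# SQL gateway port, then check whether a refusal followed.
# Assumed log format (constructed, not Gauntlet's own):
#   <epoch-seconds> <source-ip> <dest-port> <accepted|refused>

SQLGW_PORT=1521  # standard sql-gw port named in the advisory
BURST=10         # assumed alert threshold, below the 17 attempts reported
WINDOW=60        # assumed sliding window, in seconds

# Constructed sample: one busy source, one ordinary client.
sample_log() {
    echo "900 198.51.100.7 1521 accepted"
    echo "950 198.51.100.7 25 accepted"
    i=1
    while [ "$i" -le 16 ]; do
        echo "$((1000 + i)) 203.0.113.5 1521 accepted"
        i=$((i + 1))
    done
    echo "1017 203.0.113.5 1521 refused"
    echo "1020 198.51.100.7 1521 refused"
    echo "1200 198.51.100.7 1521 refused"
}

# Reads the log on stdin; prints "<source> <peak-count> <refusal-state>"
# for every source whose peak connection count within WINDOW reaches BURST.
flag_bursts() {
    awk -v port="$SQLGW_PORT" -v burst="$BURST" -v win="$WINDOW" '
    $3 == port {
        src = $2
        n[src]++
        t[src, n[src]] = $1 + 0
        # Drop connections that have aged out of the window.
        while (t[src, old[src] + 1] < $1 - win) old[src]++
        cur = n[src] - old[src]
        if (cur > peak[src]) peak[src] = cur
        if ($4 == "refused") refused[src] = 1
    }
    END {
        for (s in peak)
            if (peak[s] >= burst)
                print s, peak[s], (refused[s] ? "refused-seen" : "no-refusal")
    }' | sort
}

sample_log | flag_bursts
```

A flagged source marked refused-seen matches the sequence in the Recreation section; refusals that other clients see afterwards follow from the gateway no longer accepting connections.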