ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewalls IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Zywall10 | Zyxel | 3.20_wa0 (including) | 3.20_wa0 (including) |
| Zywall10 | Zyxel | 3.20_wa1 (including) | 3.20_wa1 (including) |
| Zywall10 | Zyxel | 3.24_wa0 (including) | 3.24_wa0 (including) |
| Zywall10 | Zyxel | 3.24_wa1 (including) | 3.24_wa1 (including) |
| Zywall10 | Zyxel | 3.24_wa2 (including) | 3.24_wa2 (including) |
| Zywall10 | Zyxel | 3.50_wa1 (including) | 3.50_wa1 (including) |
References
- ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50%28WA.2%29C0_Standard.zip
- http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0067.html
- http://www.iss.net/security_center/static/8436.php
- http://www.securityfocus.com/archive/1/261411
- http://www.securityfocus.com/bid/4272
- ftp://ftp.zyxel.com/public/zywall10/firmware/zywall10_V3.50%28WA.2%29C0_Standard.zip
- http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0067.html
- http://www.iss.net/security_center/static/8436.php
- http://www.securityfocus.com/archive/1/261411
- http://www.securityfocus.com/bid/4272