Packeteer PacketShaper Web Management Denial of Service
Critical: Less critical
Where: Local network
Product: Packeteer PacketShaper
Packeteer PacketShaper is susceptible to a denial of service vulnerability in the web management interface. Requesting a specific URL will cause the device to reboot:
The user must first log in but even read-only "look" access is sufficient.
The vulnerability has been identified in version 7.3.0g2 and 7.5.0g1. However, other versions may be also affected.
Restrict network access to the device management interfaces
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS
(msg:"WEB-MISC PacketShaper DoS attempt"; flow:to_server,established;
classtype:denial-of-service; sid:TBD; rev:1;)