Operational Defect Database
BugZero found this defect 3219 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3FFSAY
Firebox automatically blocks hosts on Blocked Sites Exceptions list for Port Space Probes
Last update date:
8/6/2015
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.10.x
11.10.1
11.10.2
11.10.3
11.9.x
11.9.4
11.9.5
Fixed releases:
All
Description:
Issue
If an external host that matches an entry on your Blocked Sites Exceptions list triggers the Block Port Space Probe protection, the Firebox will block the host despite the exception.
Workaround/Solution
If you need to allow a security scanner to test the defenses of your network, you can temporarily disable Port Space Probes in your Default Packet Handling configuration.
