Watchguard error validating proxy id
The vulnerability is believed to be due to improper identification of e-mail attachments when the MIME boundary contains certain characters.
How to renew the Watch Guard default self signed web certificate4.
Watch Guard Fireware v11.12.4 was released on 7th June. Your Firebox must be running, XTM v11.7.5, v11.8.4 or v11.9 or higher before upgrading.
This replaces the previous version of 11.12.2 Update 2. For more detailed information see the presentation below. Watch Guard: How to resolve “Response denied by Watch Guard HTTP Proxy – Reason: header-line too large”2.
To exploit this issue, an attacker would need to craft an email with malicious script code as part of the email subject line.
If the email is quarantined by the Watch Guard spam blocker/smtp proxy, the malicious script would execute when the user views their quarantine portal, potentially allowing the attacker to gain elevated privileges within the users browser.