Bugtraq mailing list archives

Re: NetScreen Brain-deadness...


From: dmcpike () RMI NET (Dave McPike)
Date: Wed, 6 Oct 1999 12:38:39 -0600


While on the subject of Netscreens, v1.62 of the firmware is also
susceptible to an attack identical to the session table flood described
for Checkpoint-1 back in August.  I've talked with Netscreen about this,
and they will have fixes rolled out into the 1.64 release.  They have
patches available now that they should give out on request.

Dave McPike
Link Consulting, Inc.
dmcpike () rmi net

"I've met many thinkers and many cats, but the wisdom of cats is
infinitely superior."  --Hippolyte Taine

On Tue, 5 Oct 1999, Ash wrote:

Just for random value I will mention a change in the NetScreen line of
firewalls that occurred in v1.62 of the firmware.

They disabled the forwarding of non-IP traffic in transparent mode.

Yes, prior to this, if operating as a transparent device, which was
the default and suggested configuration, the device would forward all
non-IP packets such as IPX from trusted to untrusted and such.

--
Ash <ash () dragonpaw org>

"Knowledge moves at the speed of light; molecules move at 600 miles per hour
 with FedEx."
  -- Bill Gross, referring to the Internet


