Bugtraq mailing list archives
Re: Addendum to Firewall-1 FTP Server Vulnerability
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Thu, 2 Mar 2000 22:53:54 +0100
As I said in my original posting to vuln-dev: I think you will find that ALL stateful inspection firewalls with FTP ALGs that do not reassemble the TCP stream are vulnerable to this attack. Jacek Lipkowski wrote:
the recent firewall-1 pasv vulnerability also applies to cisco pix (don't know which version - it's not my pix :). jacek
-- Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50 Mobile: +46 (0)70 66 77 636 WWW: http://www.enternet.se E-mail: mikael.olsson () enternet se
Current thread:
- Addendum to Firewall-1 FTP Server Vulnerability Paul Cardon (Feb 29)
- How to Write Secure Code B Potter (Mar 01)
- Re: Addendum to Firewall-1 FTP Server Vulnerability Jacek Lipkowski (Mar 02)
- Re: Addendum to Firewall-1 FTP Server Vulnerability Mikael Olsson (Mar 02)