Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Alteon ACEdirector signature/security bug
From: Mike Rogers <mprogers () nortelnetworks com>
Date: 8 Feb 2002 15:04:34 -0000


In-Reply-To: <20020125160940.A8217 () doit wisc edu>

Second Attempt - perhaps new users are not allowed 
to post?

Problem was raised to High priority as soon as the 
original posting was received.

Handling of half closed connections in our delayed 
binding modes (where the switch intercepts the 
connection to the server to examine the request) has 
been fixed, and a patch should be released for all 
current software versions within 2 weeks.

Preventing occasional "leakage" of Real Server 
addresses after a connection did not close cleanly, is 
in process. This typically occurs when a client does 
not acknowledge a server FIN, leaving the server 
retransmitting after the switch has removed the 
session entry (translation information).

Further details to follow shortly.

---------------------------------------------
Nortel Networks: Intelligent Edge / Alteon
Mike Rogers, Director, Customer Engineering
Phone: +1 603-661-9091 (HQ VM +1-408-360-5631)
eFax: +1-603-816-9196
--------------------------------------------- 


  By Date           By Thread  

Current thread:
  • Re: Alteon ACEdirector signature/security bug Mike Rogers (Feb 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault