Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Alteon ACEdirector signature/security bug
From: Mike Rogers <mprogers () nortelnetworks com>
Date: 12 Mar 2002 22:26:23 -0000

In-Reply-To: <20020208150434.3358.qmail () mail securityfocus com>

Half close issue fixed in:,,, which should appear on 
the Nortel Support website shortly.

Fix pending for next build of 8.0 and 8.1 (, No fix planned for older versions.


CR Q00229759 Prevent RIP leak when half bound 
session receives a FIN (half closed)from client. 
Accomplished by ignoring first FIN, and setting a flag. 
If binding fails, on retransmitted FIN, session will be 
(If binding succeeds, retransmitted FIN is sent to real 
server and handled correctly.)

There is a secondary problem which can occur when 
the server's FIN is not acknowledged in a timely 
manner by the client. This results in the session 
(translation information) being removed while the 
server is still retrying the FIN.
The workaround for this is to raise the fast aging time 
to allow for the retransmissions using 
the /cfg/slb/adv/fastage parameter (recommended 
value=2), but we plan on issuing a more 
comprehensive fix within a month.

Nortel Networks: Intelligent Edge / Alteon
Mike Rogers, Director, Customer Engineering
Phone: +1 603-661-9091 (HQ VM +1-408-360-5631)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]