Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: NetScreen Slipstream
From: "Alex Lambert" <alambert () webmaster com>
Date: Fri, 13 Sep 2002 18:06:53 -0500
http://www.netscreen.com/support/alerts/9_6_02.htm

Works fine here.


apl

----- Original Message -----
From: "Blue Boar" <BlueBoar () thievco com>
To: <vuln-dev () securityfocus com>
Sent: Friday, September 13, 2002 2:38 PM
Subject: NetScreen Slipstream



I was asked to proxy this note to the list.  I do not have one of these
boxes to verify the problem myself, and it doesn't look like one can

access

the release notes without registering a product, so I can not personally
vouch for the accuracy of this report.

Forwarded note below.

BB

--------------------------------------------------------------------


this is from netscreen's release notes for 4.0.0r2

* 21901 - (IKE) Under certain conditions, an overly large SPI payload
value in the IKE Phase 1 response message triggered a buffer overflow, or
an IKE packet with a large number of payloads could trigger a stack

overflow.


There is no mention  here http://www.netscreen.com/support/alert.html of
this

Screen OS 4.0.0r2 fixes the issue - though I can't test as I have no
idea that the "certain conditions" were

It is a pity that they are so reticent about mentioning these issues as
their products are quite good.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]