Re: Eagle Raptor Firewall for Windows vulnerable to MSBLAST?
From: Wallace Fullerton (fullerton_at_COMCAST.NET)
Date: 08/19/03
- Previous message: Howard Durdle: "Re: clients contacting WU directly"
- Maybe in reply to: Kramer, John: "Eagle Raptor Firewall for Windows vulnerable to MSBLAST?"
- Next in thread: Marc Maiffret: "Re: Eagle Raptor Firewall for Windows vulnerable to MSBLAST?"
- Reply: Marc Maiffret: "Re: Eagle Raptor Firewall for Windows vulnerable to MSBLAST?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 19 Aug 2003 11:43:02 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Several members of the Raptor mailing list read this message and have
tested their own systems using eEye's scanning tool. In all reported
instances, no vulnerabilities were found by the scanning tool.
It isn't clear from the original message what version of Raptor and on
what platform were tested by Mr. Kramer but the fact that it was even
called "Raptor Eagle" and that there was a suggestion that the OS was
"not standard" suggests Mr. Kramer may have been working with an old
version -- Since early 2002 (or before) Raptor has been called Symantec
Enterprise Firewall (now in version 7.x) and runs on hardened Windows
NT, Windows 2000, and Solaris. Other versions run on hardware devices.
I suppose its possible that some earlier versions of Raptor running on
NT might be vulnerable but the current version does not appear to be
vulnerable. Symantec will have to provide their official spin on this
question.
-----Original Message-----
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM] On Behalf Of Kramer, John
Sent: Friday, August 15, 2003 7:53 AM
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Eagle Raptor Firewall for Windows vulnerable to MSBLAST?
I used eEye Retina's DCOM/RPC vulnerability scanner yesterday, and one
of the devices that came back as being vulnerable was our Eagle Raptor
Firewall.
Based on my concern, I promptly asked one of our IT guys if he was aware
of this. His response was that it is our old Eagle Raptor Firewall
machine so its not really running standard Windows.
Huh? If the scanner reported that the device is vulnerable, no matter
what king of version of Windows (embedded, whatever), is this device
still not vulnerable and can possibly have the worm be able to transfer
itself through to another device internal to our firewall?
Has anyone using the Eagle Raptor firewall for Windows come across this
and is this true?
thanks
John Kramer
McKesson Automation
John.Kramer@McKesson.com
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Howard Durdle: "Re: clients contacting WU directly"
- Maybe in reply to: Kramer, John: "Eagle Raptor Firewall for Windows vulnerable to MSBLAST?"
- Next in thread: Marc Maiffret: "Re: Eagle Raptor Firewall for Windows vulnerable to MSBLAST?"
- Reply: Marc Maiffret: "Re: Eagle Raptor Firewall for Windows vulnerable to MSBLAST?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
