NetScreen Slipstream
From: Blue Boar (BlueBoar@thievco.com)Date: 09/13/02
- Previous message: Tyson Leslie: "RE: Windows XP Service Pack1 problem with activation"
- Next in thread: Alex Lambert: "Re: NetScreen Slipstream"
- Reply: Alex Lambert: "Re: NetScreen Slipstream"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 13 Sep 2002 12:38:14 -0700 From: Blue Boar <BlueBoar@thievco.com> To: vuln-dev@securityfocus.com
I was asked to proxy this note to the list. I do not have one of these
boxes to verify the problem myself, and it doesn't look like one can access
the release notes without registering a product, so I can not personally
vouch for the accuracy of this report.
Forwarded note below.
BB
--------------------------------------------------------------------
this is from netscreen's release notes for 4.0.0r2
* 21901 - (IKE) Under certain conditions, an overly large SPI payload
value in the IKE Phase 1 response message triggered a buffer overflow, or
an IKE packet with a large number of payloads could trigger a stack overflow.
There is no mention here http://www.netscreen.com/support/alert.html of
this
Screen OS 4.0.0r2 fixes the issue - though I can't test as I have no
idea that the "certain conditions" were
It is a pity that they are so reticent about mentioning these issues as
their products are quite good.
- Previous message: Tyson Leslie: "RE: Windows XP Service Pack1 problem with activation"
- Next in thread: Alex Lambert: "Re: NetScreen Slipstream"
- Reply: Alex Lambert: "Re: NetScreen Slipstream"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
