Re: NetScreen Slipstream

From: Alex Lambert (alambert@webmaster.com)
Date: 09/14/02 

From: "Alex Lambert" <alambert@webmaster.com>
To: "Blue Boar" <BlueBoar@thievco.com>, <vuln-dev@securityfocus.com>
Date: Fri, 13 Sep 2002 18:06:53 -0500

http://www.netscreen.com/support/alerts/9_6_02.htm

Works fine here.

apl

----- Original Message -----
From: "Blue Boar" <BlueBoar@thievco.com>
To: <vuln-dev@securityfocus.com>
Sent: Friday, September 13, 2002 2:38 PM
Subject: NetScreen Slipstream

> I was asked to proxy this note to the list. I do not have one of these
> boxes to verify the problem myself, and it doesn't look like one can
access
> the release notes without registering a product, so I can not personally
> vouch for the accuracy of this report.
>
> Forwarded note below.
>
> BB
>
> --------------------------------------------------------------------
>
>
> this is from netscreen's release notes for 4.0.0r2
>
> * 21901 - (IKE) Under certain conditions, an overly large SPI payload
> value in the IKE Phase 1 response message triggered a buffer overflow, or
> an IKE packet with a large number of payloads could trigger a stack
overflow.
>
> There is no mention here http://www.netscreen.com/support/alert.html of
> this
>
> Screen OS 4.0.0r2 fixes the issue - though I can't test as I have no
> idea that the "certain conditions" were
>
> It is a pity that they are so reticent about mentioning these issues as
> their products are quite good.
>
>
>