[sec-adv] Netscreen Non-Supported Transport Protocol Filter Bypass

From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Sat Jul 12 2003 - 06:30:30 CDT


TITLE:
Netscreen Non-Supported Transport Protocol Filter Bypass

READ ONLINE:
http://www.secunia.com/advisories/9248/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass

WHERE:
From local network

OPERATING SYSTEM:
NetScreen ScreenOS 4.x

DESCRIPTION:
A vulnerability has been reported in NetScreen, which can be
exploited by malicious people to bypass the firewall filter.

Reportedly, NetScreen cannot filter other transport protocols than
ARP and IP when running in bridged mode. This can be exploited on
networks supporting other protocols (e.g. IPX) to bypass the firewall
and contact services, where access was thought to be restricted by
the firewall.

Reportedly, the vulnerability is present whether the screening
setting "bypass non-IP traffic" has been enabled or not.

The vulnerability has been reported in 20x and 50x models running the
latest version of ScreenOS. However, other versions may also be
affected.

SOLUTION:
Don't use NetScreen firewalls to protect resources on a network using
other transport protocols than the ones supported.

REPORTED BY / CREDITS:
InquisiTeam

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------
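
Added example, not part of the Secunia advisory: Python code that classifies captured Ethernet frames from the protected side of a bridged firewall and counts those outside ARP and IP, the only protocols the advisory says can be filtered. The function names, the sample frames, reading "IP" as IPv4, and flagging every SNAP-encapsulated frame are assumptions made for the example.

```python
import struct

# Assumption: "IP" in the advisory is read as IPv4 (0x0800); ARP is 0x0806.
FILTERABLE = {0x0800: "IPv4", 0x0806: "ARP"}
KNOWN = {0x8137: "IPX", 0x809B: "AppleTalk"}

def _name(etype, prefix="", ok=True):
    if etype in FILTERABLE:
        return (prefix + FILTERABLE[etype], ok)
    return (prefix + KNOWN.get(etype, "EtherType 0x%04x" % etype), False)

def classify(frame):
    """Return (protocol_name, filterable) for one raw Ethernet frame."""
    if len(frame) < 14:
        return ("truncated", False)
    off = 12
    (etype,) = struct.unpack_from("!H", frame, off)
    while etype == 0x8100 and len(frame) >= off + 6:   # skip 802.1Q tags
        off += 4
        (etype,) = struct.unpack_from("!H", frame, off)
    payload = frame[off + 2:]
    if etype >= 0x0600:                 # Ethernet II: the field is an EtherType
        return _name(etype)
    # Below 0x0600 the field is an 802.3 length; the protocol sits in the payload.
    if payload[:2] == b"\xff\xff":      # Novell raw 802.3 framing used by IPX
        return ("IPX (raw 802.3)", False)
    if payload[:3] == b"\xaa\xaa\x03" and len(payload) >= 8:
        # LLC/SNAP: flagged even when it carries IP (conservative assumption).
        return _name(struct.unpack_from("!H", payload, 6)[0], "SNAP ", False)
    return ("other 802.3/LLC", False)

def audit(frames):
    """Count frames per protocol that fall outside the ARP/IPv4 set."""
    flagged = {}
    for frame in frames:
        name, ok = classify(frame)
        if not ok:
            flagged[name] = flagged.get(name, 0) + 1
    return flagged

# Constructed sample frames: dst MAC, src MAC, type/length, payload.
MAC = b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01"
SAMPLES = [
    MAC + b"\x08\x00" + b"\x45" + bytes(19),                          # IPv4
    MAC + b"\x81\x37" + b"\xff\xff" + bytes(28),                      # IPX, Ethernet II
    MAC + b"\x00\x1e" + b"\xff\xff" + bytes(28),                      # IPX, raw 802.3
    MAC + b"\x81\x00\x00\x0a\x81\x37" + bytes(30),                    # IPX inside VLAN 10
    MAC + b"\x00\x26\xaa\xaa\x03\x00\x00\x00\x81\x37" + bytes(30),    # IPX in LLC/SNAP
]
print(audit(SAMPLES))
```

Any non-empty result from audit() on a segment that relies on the firewall for access control indicates traffic the device is not screening.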