SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Device (Firewall)  >   ScreenOS (NetScreen) Vendors:   NetScreen
NetScreen Firewalls Can Be Made Unresponsive By a Remote User on the Trusted Interface Side Conducting Port Scans Through the Firewall
SecurityTracker Alert ID:  1003421
SecurityTracker URL:  http://securitytracker.com/id/1003421
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Feb 1 2002
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): prior to 3.1; tested on NetScreen 5
Description:   A denial of service vulnerability was reported in NetScreen firewalls (Screen OS). A remote user on the trusted interface can cause the interface to hang.

It is reported that a remote user on the trusted (internal) interface can conduct a port scan on an external IP address to consume available sessions on the firewall. This can reportedly cause the entire trusted interface to become unresponsive.

Impact:   A remote user on the internal (trusted) interface can cause the interface to become unresponsive.
Solution:   It is reported that NetScreen has issued a fix (version 3.1). An update to ScreenOS 3.1 is apparently available for the NetScreen 200 or 500 models and reportedly will be available for all other models on April 1, 2002.
Vendor URL:  www.netscreen.com/ (Links to External Site)
Cause:   Resource error
Underlying OS:  

Message History:   This archive entry has one or more follow-up message(s) listed below.
(Vendor Clarifies) Re: NetScreen Firewalls Can Be Made Unresponsive By a Remote User on the Trusted Interface Side Conducting Port Scans Through the Firewall   (Dave Killion <Dkillion@netscreen.com>)
The vendor has provided clarifying information.
(Vendor Provides a Response Detailing Product Protection Mechanisms) Re: NetScreen Firewalls Can Be Made Unresponsive By a Remote User on the Trusted Interface Side Conducting Port Scans Through the Firewall   (Mike Kouri <mkouri@netscreen.com>)
The vendor responds.



 Source Message Contents

Date:  1 Feb 2002 15:06:49 -0000
Subject:  NetScreen ScreenOS 2.6 Subject to Trust Interface DoS




Problem: NetScreen ScreenOS 2.6.1 subject to Trust 
Interface DoS Attack

Company Info: NetScreen Technologies are the 
manufacturers of some of the industry's highest 
quality VPN and firewall equipment. For more 
information please see http://www.netscreen.com.

What's affected: The ScreenOS is the heart of the 
NetScreen products. This allows for the firewall 
configuration/management. Apparently all versions 
before ScreenOS 3.1 are affected. This vulnerability 
can only occur from within the "trusted" network, or 
from a machine connected to the "trust" interface. 
External attempts will not cause any problems/DoS.

Exploit: Someone within the trusted side of the 
network can attempt a portscan on an external IP 
address. When the scan runs it appears to consume 
all of the available sessions. This, in turn, causes a 
DoS to the entire trusted interface. The only way I got 
my device to recover quickly was to perform a reset. 
A recovery might be possible without a reset, but 
after about 5 minutes of waiting, mine never 
recovered. This exploit may or may not work on your 
device. My testing was performed on a NetScreen 5. 
The higher-end, more pricier models may take longer 
to "eat up" all the available sessions, thus taking 
longer for a DoS to occur. 

I have contacted NetScreen in regards to the issue. I 
received a response back that the problem is a 
known issue. It has been addressed in ScreenOS 
3.1. An update to ScreenOS 3.1 is available for 
anyone with a NetScreen 200 or 500. For all other 
models, the update to ScreenOS 3.1 will be available 
on April 1, 2002.

I'd love to hear if anyone else has noticed this, or if 
other models are affected by this issue.

Cheers,
Chris Lathem
chris@lathemonline.com
http://www.lathemonline.com


 

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC