Vulnerability: NetScreen ScreenOS

A flaw in the operating system used in NetScreen's firewall/VPN servers could be exploited to cause the machine to reboot, resulting in a temporary service outing.

Due to a bug in ScreenOS, a non-privileged user who attempts to connect to a NetScreen Security Device management IP from the range of addresses permitted by the manager-ip feature with a particular TCP window option setting, can cause the system to crash and reboot. This issue affects Telnet and WebUI (HTTP/HTTPS) management, as well as WebAuth authentication service (HTTP/HTTPS).

Affected products: NetScreen Firewall/VPN products running ScreenOS 4.0.1r1 through 4.0.1r6 and 4.0.3r1 and 4.0.3r2.

For details, see

Join the newsletter!

Error: Please check your email address.

More about NetScreen

Show Comments