Vulnerability: NetScreen ScreenOS

A flaw in the operating system used in NetScreen's firewall/VPN servers could be exploited to cause the machine to reboot, resulting in a temporary service outing.

Due to a bug in ScreenOS, a non-privileged user who attempts to connect to a NetScreen Security Device management IP from the range of addresses permitted by the manager-ip feature with a particular TCP window option setting, can cause the system to crash and reboot. This issue affects Telnet and WebUI (HTTP/HTTPS) management, as well as WebAuth authentication service (HTTP/HTTPS).

Affected products: NetScreen Firewall/VPN products running ScreenOS 4.0.1r1 through 4.0.1r6 and 4.0.3r1 and 4.0.3r2.

For details, see

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about NetScreen

Show Comments