论坛: 系统集成 标题: NetScreen非IP协议流量绕过防火墙漏洞[转帖] 复制本贴地址    
作者: Achieve [achieve]    版主   登录
发布时间:2003-07-09
更新时间:2003-07-12
严重程度:低
威胁程度:其它
错误类型:设计错误
利用方式:服务器模式

BUGTRAQ ID:8150

受影响系统
NetScreen ScreenOS 3.1.1r2 
NetScreen ScreenOS 3.1.0r9 
NetScreen ScreenOS 3.1.0r2 
NetScreen ScreenOS 3.1.0r1 
NetScreen ScreenOS 3.1.0   
NetScreen ScreenOS 3.0.0r4 
NetScreen ScreenOS 3.0.0r3 
NetScreen ScreenOS 3.0.0r2 
NetScreen ScreenOS 3.0.0r1 
NetScreen ScreenOS 3.0.0   
NetScreen ScreenOS 2.8.0r1 
NetScreen ScreenOS 1.7     
NetScreen ScreenOS 1.64     
NetScreen ScreenOS 1.66 r2 
NetScreen ScreenOS 1.66     
NetScreen ScreenOS 1.73 r2 
NetScreen ScreenOS 1.73 r1 
NetScreen ScreenOS 2.0.1 r8 
NetScreen ScreenOS 2.1 r7   
NetScreen ScreenOS 2.1 r6   
NetScreen ScreenOS 2.1     
NetScreen ScreenOS 2.5 r6   
NetScreen ScreenOS 2.5 r2   
NetScreen ScreenOS 2.5 r1   
NetScreen ScreenOS 2.5     
NetScreen ScreenOS 2.6     
NetScreen ScreenOS 2.6.1 r5 
NetScreen ScreenOS 2.6.1 r4 
NetScreen ScreenOS 2.6.1 r3 
NetScreen ScreenOS 2.6.1 r2 
NetScreen ScreenOS 2.6.1 r1 
NetScreen ScreenOS 2.6.1   
NetScreen ScreenOS 2.7.1 r3 
NetScreen ScreenOS 2.7.1 r2 
NetScreen ScreenOS 2.7.1 r1 
NetScreen ScreenOS 2.7.1   
NetScreen ScreenOS 2.8     
NetScreen ScreenOS 2.10 r4 
NetScreen ScreenOS 2.10 r3 
NetScreen ScreenOS 3.0.1 r2 
NetScreen ScreenOS 3.0.1 r1 
NetScreen ScreenOS 3.0.1   
NetScreen ScreenOS 3.0.2   
NetScreen ScreenOS 3.0.3 r1.1
NetScreen ScreenOS 3.0.3   
NetScreen ScreenOS 4.0 -DIAL
NetScreen ScreenOS 4.0     
NetScreen ScreenOS 4.0.1   
NetScreen ScreenOS 4.0.3
详细描述
NetScreen 25、50、204、208、500、5200及5400系统默认运行于bridge模式下,不进行IP包的转发,在某些配置情况下,紧邻防火墙的设备可以在链路层发送非IP协议的数据帧(比如Netware SAP)使之通过防火墙攻击墙后的IPX机器。

解决方案
厂商还未提供解决方案。

相关信息
NetScreen Advisory 57605 http://www.netscreen.com/services/security/alerts/advisory-57605.txt

地主 发表时间: 10/12 13:06

论坛: 系统集成

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号