Title: NetScreen ScreenOS Firewall Policy Bypass Vulnerability
Severity: MODERATE
Description:
NetScreen is a line of internet security appliances integrating firewall, VPN and traffic management features.
Versions of ScreenOS, the built-in OS of two models in the NetScreen line (NetScreen-10 and -100), contain a flaw which may permit some packets, of a type which has been denied, to enter the DMZ. The vendor notes that this vulnerability does not affect traffic reaching the protected network, and that the issue arises only under certain circumstances, dictated by traffic patterns on the network.
As a result of this vulnerability, potentially malicious packets of a type which has been prohibited in the device's policy may, to a limited extent, reach the DMZ network.
Further details of this vulnerability were not made available.
Affected Products:
- NetScreen ScreenOS 1.64.0
- NetScreen ScreenOS 1.66.0
- NetScreen ScreenOS 2.1.0
- NetScreen ScreenOS 2.5.0
References:
- NetScreen: NetScreen Homepage
- NetScreen: NetScreen software download form