Product Affected:
This issue can affect any Netscreen and ScreenOS Series products running ScreenOS.
Problem:
A vulnerability in ScreenOS
L2TP packet processing may allow a remote network based attacker to
cause a denial of service condition on ScreenOS devices by sending a
crafted L2TP packet.
This issue is assigned CVE-2015-7750.
Solution:
This issue has been resolved in ScreenOS 6.3.0r13-dnd1 and 6.3.0r18-dnc1.
This issue is being tracked as PR 1086779 and is visible on the Customer Support website.
KB16765
- "In which releases are vulnerabilities fixed?" describes which
release vulnerabilities are fixed as per our End of Engineering and End
of Life support policies.
Workaround:
On ScreenOS 6.3.0 this issue can be mitigated by not configuring L2TP settings.
No comments:
Post a Comment