Network Appliance Information for VU#222750
TCP/IP implementations do not adequately validate ICMP error messages
- Vendor Information Help Date Notified: 12 Aug 2004
- Statement Date:
- Date Updated: 11 Apr 2005
The Data ONTAP operating system has historically implemented some, but not all, of the recommendations from http://www.ietf.org/internet-drafts/draft-gont-tcpm-icmp-attacks-03.txt
NetApp has implemented the remaining recommendations under bug ID 138865. Customers may, as always, check bug status and download patches from http://now.netapp.com/
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.