Network Appliance Information for VU#222750

TCP/IP implementations do not adequately validate ICMP error messages

Status

Affected

Vendor Statement

The Data ONTAP operating system has historically implemented some, but not all, of the recommendations from http://www.ietf.org/internet-drafts/draft-gont-tcpm-icmp-attacks-03.txt

NetApp has implemented the remaining recommendations under bug ID 138865. Customers may, as always, check bug status and download patches from http://now.netapp.com/

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.