The Secure Command Shell service on NetScreen firewall products contains a remotely exploitable denial-of-service vulnerability.
Firewall products from NetScreen Technologies, Inc. include a Secure Shell version 1 (SSHv1) implementation called Secure Command Shell (SCS). The SCS service contains a remotely exploitable denial-of-service vulnerability which can cause affected units to crash. According to the original reporter, programs which attempt to exploit VU#945216 trigger the vulnerability and cause the unit to crash. NetScreen has confirmed this, but has stated that this vulnerability is not the same as VU#945216.
A remote attacker can cause the affected unit to crash. The original reporter indicates that the system may subsequently require a hard reboot.
NetScreen has issued a patch for this vulnerability. Information about it can be found at
Thanks to Erik Parker of DigitalDefense for reporting this vulnerability.
This document was written by Chad R Dougherty.
|Date First Published:||2002-11-19|
|Date Last Updated:||2002-12-10 21:16 UTC|