Secure Computing Corporation Information for VU#328867
Multiple vendors' firewalls do not adequately keep state of FTP traffic
- Vendor Information Help Date Notified: 26 Sep 2002
- Statement Date:
- Date Updated: 16 Oct 2002
This is the official Secure Computing response to CERT Vulnerability Note VU# 328867 "Multiple vendors' firewalls do not adequately keep state of FTP traffic."
GAUNTLET (tm) FIREWALL & VPN (5.X and 6.0)
GAUNTLET E-PPLIANCE FIREWALL & VPN (EPL 1.X and 2.0)
SIDEWINDER(tm) FIREWALL & VPN (all releases including SIDEWINDER APPLIANCE)
Secure Computing's defense-in-depth architecture including the SecureOS(tm) operating system and application level proxies protect against this attack and another recent CERT vulnerability that affected lesser firewalls. Please see http://www.securecomputing.com/index.cfm?skey=232 for additional information.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.