Microsoft Corporation Information for VU#328867
Multiple vendors' firewalls do not adequately keep state of FTP traffic
- Vendor Information Help Date Notified: 23 Jul 2002
- Statement Date:
- Date Updated: 09 Oct 2002
Our investigations have shown that this vulnerability relies on the firewall behavior to inspect TCP resend packets. ISA makes the inspection in user mode, above the TCP/IP stack, and the resend packets will be ignored silently by TCP/IP and will not pass to ISA inspection (in this case FTP application filter inspection).
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.