ZyXEL Information for VU#328867
Multiple vendors' firewalls do not adequately keep state of FTP traffic
Unknown. If you are the vendor named above, please contact us to update your status.
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
It has been reported that the ZyXEL ZyWALL is not vulnerable, possibly if running firmware version 3.50 or higher.
This is a annoucement that our ZyWALL firewall series, including ZYWALL-1, ZyWALL-10, ZyWALL-50 and ZyWALL-100, are not vulnerable to the special FTP attack reported in CERT website (http://www.kb.cert.org/vuls/id/328867). ZyWALL firmware from day one v3.50 can prevent from this FTP vulnerability.
If you have feedback, comments, or additional information about this vulnerability, please send us email.