NetScreen Information for VU#539363
State-based firewalls fail to effectively manage session table resource exhaustion
- Vendor Information Help Date Notified: 05 Jun 2002
- Statement Date:
- Date Updated: 27 Nov 2002
NetScreen has studied the issues raised in this vulnerability alert. With proper configuration of their firewalls, customers can virtually eliminate the impact of any of the proposed DoS attacks. Specifically, customers are strongly advised to utilize NetScreen's SYN Flood protection and UDP rate limiter. On some platforms, default timeout parameters might need to be changed in order to have a more consistent response to these attacks. Please refer to NetScreen's support site for more information.
The vendor has not provided us with any further information regarding this vulnerability.
Netscreen has published NetScreen Security Alert 52020 to address this issue; for more information, please see
If you have feedback, comments, or additional information about this vulnerability, please send us email.