NetScreen Information for VU#539363
State-based firewalls fail to effectively manage session table resource exhaustion
NetScreen has studied the issues raised in this vulnerability alert. With proper configuration of their firewalls, customers can virtually eliminate the impact of any of the proposed DoS attacks. Specifically, customers are strongly advised to utilize NetScreen's SYN Flood protection and UDP rate limiter. On some platforms, default timeout parameters might need to be changed in order to have a more consistent response to these attacks. Please refer to NetScreen's support site for more information.
The vendor has not provided us with any further information regarding this vulnerability.
Netscreen has published NetScreen Security Alert 52020 to address this issue; for more information, please see