Clavister Information for VU#412115
Network device drivers reuse old frame buffer data to pad packets
- Vendor Information Help Date Notified: 10 Jan 2003
- Statement Date: 10 Jan 2003
- Date Updated: 16 Jan 2003
Clavister Firewall: Not Vulnerable
All versions of Clavister Firewall explicitly fill frame paddings with zeroes above the driver level to avoid this problem. This prevents the firewall itself from becoming a source of information leaks, and also protects hosts that themselves are sources of information leaks.
This zero padding is done for all datagram types; IP as well as non-IP protocols like ARP.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.