Bugtraq mailing list archives
Re: Alteon ACEdirector signature/security bug
From: Mike Rogers <mprogers () nortelnetworks com>
Date: 8 Feb 2002 15:04:34 -0000
In-Reply-To: <20020125160940.A8217 () doit wisc edu> Second Attempt - perhaps new users are not allowed to post? Problem was raised to High priority as soon as the original posting was received. Handling of half closed connections in our delayed binding modes (where the switch intercepts the connection to the server to examine the request) has been fixed, and a patch should be released for all current software versions within 2 weeks. Preventing occasional "leakage" of Real Server addresses after a connection did not close cleanly, is in process. This typically occurs when a client does not acknowledge a server FIN, leaving the server retransmitting after the switch has removed the session entry (translation information). Further details to follow shortly. --------------------------------------------- Nortel Networks: Intelligent Edge / Alteon Mike Rogers, Director, Customer Engineering Phone: +1 603-661-9091 (HQ VM +1-408-360-5631) eFax: +1-603-816-9196 ---------------------------------------------
Current thread:
- Re: Alteon ACEdirector signature/security bug Mike Rogers (Feb 08)