Re: Alteon ACEdirector signature/security bug

[Mike Rogers <mprogers () nortelnetworks com>]

In-Reply-To: <20020125160940.A8217 () doit wisc edu>

Second Attempt - perhaps new users are not allowed 
to post?

Problem was raised to High priority as soon as the 
original posting was received.

Handling of half closed connections in our delayed 
binding modes (where the switch intercepts the 
connection to the server to examine the request) has 
been fixed, and a patch should be released for all 
current software versions within 2 weeks.

Preventing occasional "leakage" of Real Server 
addresses after a connection did not close cleanly, is 
in process. This typically occurs when a client does 
not acknowledge a server FIN, leaving the server 
retransmitting after the switch has removed the 
session entry (translation information).

Further details to follow shortly.

---------------------------------------------
Nortel Networks: Intelligent Edge / Alteon
Mike Rogers, Director, Customer Engineering
Phone: +1 603-661-9091 (HQ VM +1-408-360-5631)
eFax: +1-603-816-9196
---------------------------------------------