Vulnerability Development mailing list archives

Re: network appliance...

From: mrousseau () SECURED ORG (Maxime Rousseau)
Date: Wed, 12 Apr 2000 03:25:16 -0400


Its probly less secure then you think, or as the vendor thinks :)

This looks like a case of a less distributed OS that dosent have much known
vulnerabilities but alot to discover. My advice is to inspect this closely
and possibly submit the system to some automated standard buffer overflow
checking program.

I am also interested in knowing what kind of can function in a network with
no open ports. Maybe the nmap was flawed? Maybe it works only in UDP? Maybe
its vulnerable to network sniffing/highjacking? Does it rely on obscurity of
a closed source network code to be secure, or is it really?

Those are all questions that i would have answered before i buy any new
system.

Have fun,

M.
Secured Industries
Why fear the unknown?

-----Original Message-----
From: JT
Sent: Monday, April 10, 2000 11:16 PM

has anyone heard of vulnerabilities in the Network Appliance base operating

systems?

Current thread:

network appliance... JT (Apr 10)
- Re: network appliance... Maxime Rousseau (Apr 12)
- Re: network appliance... Olle Segerdahl (Apr 12)
- Re: network appliance... nine (Apr 12)
  - Re: network appliance... Todd Garrison (Apr 12)
  - Re: network appliance... Dustin D. Trammell (Apr 12)
- Re: network appliance... Ryan Permeh (Apr 12)
- Re: network appliance... Jordan Ritter (Apr 12)
- Re: network appliance... Tom (Apr 12)
- Re: network appliance... Luiz Eduardo Gava (Apr 12)
- <Possible follow-ups>
- Re: network appliance... Lopez, Joe (Apr 12)
  - Re: network appliance... Dom De Vitto (Apr 12)

(Thread continues...)