Christian, IPSO is affected by the documented vulnerability in print-isakmp.c. As tcpdump is a troubleshooting tool which is not run during normal operation, the impact is low. If a malicious packet was seen on the network while running tcpdump, you might have to reboot your box, though.
A response (read: IPSO update) to this vulnerability is in the works. For more details - contact Nokia support :). Regards Shawn Behrens, CCMSE CCSE CCNA CNE Integralis/Activis Managed Security Services 111 Founders Plaza East Hartford, CT 06108 1-860-528-5458 > -----Original Message----- > From: Christian ALT [mailto:[EMAIL PROTECTED] > Sent: Wednesday, February 04, 2004 5:11 AM > To: [EMAIL PROTECTED] > Subject: [FW-1] Nokia IPSO and tcpdump vulnerability > > > Today we have been made aware of two vulnerabilities in > tcpdump. Since it is > used in the IPSO environment and on Intrusion.com devices, I > wanted to know > if those systems are vulnerable, if some other appliances use > also tcpdump. > > We have a short description of the vulnerabilities available at > > http://www.TLAnews.com/TLA/NEWS/2004sec/20040204Tcpdump-Vulner ability.htm TIA Christian ALT Telecom and Logistics Associates Network and Secuirty Company http://www.tla.ch Firewall-1 FAQ http://www.tla.ch/TLA/FW/FW1FAQ.html --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.573 / Virus Database: 363 - Release Date: 28.01.2004 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= Please note that: 1. This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on this information. 2. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. 3. The contents of this email are those of the individual and do not necessarily represent the views of the company. 4. The company does not conclude contracts by email and all negotiations are subject to contract. 5. The company accepts no responsibility once an e-mail and any attachments is sent. http://www.integralis.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
