31th May 2002 [SBWID-5390]
COMMAND
Netscreen unauthorised reboot issue
SYSTEMS AFFECTED
Netscreen 25 Software Version 3.0.1r1.1
PROBLEM
Quentyn Taylor [http://www.fotango.com] found following:
A remote user ( who is un authenticated ) can cause a netscreen 25 (
other versions untested) to reboot remotely. Software Version 3.0.1r1.1
which was current as of about 1 month ago and has no alerts shown
against it on netscreen\'s security alert\'s page.
Log on to the netscreen with a user name of
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
and the device reboots
this looks similar to http://www.securitybugware.org/Other/3061.html
from a year ago
remote syslog shows just that the device\'s interfaces came back up
May 24 14:36:59 192.168.1.100 phaedra: NetScreen device_id=phaedra
system-notification-00513: The physical state of the interface trust
has
changed to Up (2002-05-24 13:36:47)
May 24 14:36:59 192.168.1.100 phaedra: NetScreen device_id=phaedra
system-notification-00513: The physical state of the interface untrust
has changed to Up (2002-05-24 13:36:47)
May 24 14:36:59 192.168.1.100 phaedra: NetScreen device_id=phaedra
system-notification-00513: The physical state of the interface DMZ has
changed to Up (2002-05-24 13:36:48)
##### Start of console output
phaedra-> *******************************************************
Exception Dump
*******************************************************
System up time: 3 hours 20 minutes 48 seconds
Exception(Instruction TLB Miss)
GPR:
R0: 78787878 R1: 03044e50 R2: 00470928 R3: 00000000
R4: 03044e08 R5: 000000ac R6: 0074bde8 R7: 78787878
R8: 004c9d70 R9: 03a81d50 R10: 004fcb58 R11: 004d0000
R12: 40000024 R13: 004d1344 R14: 000d0904 R15: 80020020
R16: 43c00da1 R17: 300b6030 R18: 60101022 R19: 00000000
R20: 00750000 R21: 00470000 R22: 00000001 R23: 00755078
R24: 78787878 R25: 78787878 R26: 78787878 R27: 78787878
R28: 78787878 R29: 78787878 R30: 78787878 R31: 78787878
Special Register:
CR: 20000024 XER: 00000000 LR: 78787878 CTR: 00000000
MSR: 00021200 SRR0: 78787878 SRR1: 00029230 SRR2: 00300044
SRR3: 00000000 DBSR: 00000000 TCR: fc000000 TSR: 04000000
ESR: 00000000 DEAR: 00000000 PID: 00000000
*******************************************************
Exception Dump
*******************************************************
System up time: 3 hours 20 minutes 48 seconds
Exception(Machine Check)
GPR:
R0: 78787878 R1: 03044d68 R2: 00470928 R3: 00000000
R4: 00000000 R5: 00000000 R6: 78787878 R7: 002fffd4
R8: 004c9d70 R9: 00000000 R10: 000002ec R11: 00000020
R12: 40000024 R13: 004d1344 R14: 000d0904 R15: 80020020
R16: 43c00da1 R17: 300b6030 R18: 60101022 R19: 00000000
R20: 00750000 R21: 00470000 R22: 00000001 R23: 00755078
R24: 78787878 R25: 78787878 R26: 78787878 R27: 00000001
R28: 03044d94 R29: 0000001f R30: 78787878 R31: 00000000
Special Register:
CR: 40000024 XER: 20000000 LR: 002fffd4 CTR: 00000000
MSR: 00000000 SRR0: 78787878 SRR1: 00029230 SRR2: 00300044
SRR3: 00021200 DBSR: 00000000 TCR: fc000000 TSR: 0c000000
ESR: 00000000 DEAR: 00000000 PID: 00000000
Trace Dump:
00300044 002fffd4 002ff8f4 002fee04 00000000
System Level:
Image In Interrupt Level
********************************************************
Please use GDB to track the trace
********************************************************
ð
NetScreen PowerPC 405GP BootROM V1.01
(c)1997-2002 NetScreen Technologies Inc. All rights reserved
Check Platform...... NS-25
<snip normal netscreen start up>
###### End
SOLUTION
restrict the IP\'s that can connect to the web interface.
and upgrade to the latest version, ScreenOS 3.0.1r2
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
