As I said in my original posting to vuln-dev:
I think you will find that ALL stateful inspection firewalls
with FTP ALGs that do not reassemble the TCP stream are vulnerable
to this attack.
Jacek Lipkowski wrote:
>
> the recent firewall-1 pasv vulnerability also applies to cisco pix (don't
> know which version - it's not my pix :).
>
> jacek
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50
Mobile: +46 (0)70 66 77 636
WWW: http://www.enternet.se E-mail: [EMAIL PROTECTED]
