[17850] in bugtraq
Re: Nokia firewalls
daemon@ATHENA.MIT.EDU (van der Kooij, Hugo)
Thu Nov 30 14:42:46 2000
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.4.30.0011291932480.18047-100000@bastion.hugo.vanderkooij.org>
Date: Wed, 29 Nov 2000 19:37:29 +0100
Reply-To: Hugo.van.der.Kooij@CAIW.NL
From: "van der Kooij, Hugo" <Hugo.van.der.Kooij@CAIW.NL>
X-To: Richard Rager <kb8rln@PENGUINMASTER.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.30.0011281250310.16684-100000@penguin.penguinmaster.com>
On Tue, 28 Nov 2000, Richard Rager wrote:
> On Mon, 27 Nov 2000, van der Kooij, Hugo wrote:
>
> > > Anyhow, I just thought they may want to clean these things up...
> >
> Yes I wish they would.
The response of Nokia (case 31890):
we are aware of this issue, and your not the first to bring this to our
attention. This is a bug, yes it will be fixed very quickly but this is
not a major vulnerability, you do need a logon to the box. If this logon
was obtained through covert measures then you have bigger problems than
this bug! As Dameon Welch states, a properly secured IPSO box won't
experience this problem
Hugo.
PS: Dameon Welch is usually known for his Phoneboy FAQ.
--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland
hvdkooij@caiw.nl http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
This message has not been checked and may contain harmfull content.
