There is a vulnerability in NetScreen's latest ScreenOS that allows a malicious user to create a denial of service attack remotely. This has only been confirmed with the following operating systems and NetScreen hardware. Microsoft Windows 2000 Professional SP1 and SP2 NetScreen 204 and 208 By modifying the TCP Window size in the registry in W2K a user can cause a NetScreen 20x running ScreenOS 4.0.3r2 to core dump the ASIC and reboot. This only affects devices that have management services such as Web, Telnet, or SSH enabled on an interface. When a user tries to connect to one of the management ports with the registry settings below the NetScreen crashes. \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters New DWORD Value Tcp1323Opts HEX 3 TcpWindowSize Decimal 131400 Papa Love Mambo Research Group plm at ioerror.org
