C-Note-06-027: Do Not Apply the Latest Proventia G Download (12/14/06)

ISS has confirmed that the update to the IPS security content module (PAM) on Dec. 13, 2006, under certain circumstances, may cause a situation called "network flapping." This issue is a result of a change to a particular parser included in the update. Network flapping creates a high level of latency and may have the ability to cause small amounts of packet loss. Under certain loads, this condition can cause a loss of network connectivity or a network outage. Although this issue has only been reported and confirmed for Proventia Network IPS, it is suspected to impact other products. The condition is induced by specific network traffic and is most likely to present itself quickly in a sensor or agent that processes a high volume of network traffic.

This advisory is posted at: https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3819

CIAC would like to thank Internet Security Systems for this information.