Is there an issue with Threat ID: Novell GroupWise Internet Agent SMTP AUTH LOGIN Command Parsing Overflow | 32968 |?

Is there an issue with Threat ID: Novell GroupWise Internet Agent SMTP AUTH LOGIN Command Parsing Overflow | 32968 |?

3394
Created On 03/08/23 16:57 PM - Last Modified 04/22/24 07:00 AM


Question


Is there an FP issue with with Threat ID: Novell GroupWise Internet Agent SMTP AUTH LOGIN Command Parsing Overflow (32968)?  

Environment


PAN-OS

Content  8684-7912

Answer


We are tracking reports of a potential FP issue with Threat ID 32968 - Novell GroupWise Internet Agent SMTP AUTH LOGIN Command Parsing Overflow.  We have engaged engineering and will update this KB once we have more information.  We are aware of a potential issue and investigating. 

 

Update: 03-09-2023 - Our content team has confirmed this signature is prone to false positives.  They will be updating the signature and pushing in a future content update.  We will provide an update with a target date once we receive one from our content development team.

Update: 03/15/2023 - We have updated the signature TID 32968 in the content version 8685-7918.  You should no longer notice issues with this signature after updating content to versions 8685 or later.

Additional Information


- Issue started after Threat Content Version:  8684-7912
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kHGOCA2&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language