Norman Safeground has been made aware of a potential issue in the front-end module of Npro where a high network traffic volume of a certain kind may cause the process to ‘get stuck’ with a high CPU utilization. We have started work to analyze the problem, to determine how to remedy the situation.
Our initial analysis shows that the situation does not compromise the security of the node(s) affected. The security software, especially the on-access file system scanner, will continue to function as expected.
To create this situation, local access to the affected port is necessary. Given that the product is intended for use on LAN’s with no exposure to the public internet, we judge the severity of the problem to be limited. We will, however, give the analysis effort high priority.