Peaches Posted June 10, 2009 Report Share Posted June 10, 2009 10 June 2009, 12:03Security updates from SonicWALL "SonicWALL has released updates for firmware versions SonicOS 3.x and SonicOS 4.x on Generation 4 firewall appliances, aimed at fixing a logging-related format string vulnerability. In certain cases, this can cause a crash, followed by a reboot. According to the vendor, Generation 5 appliances are not affected. The discoverer of the vulnerability, service provider SEC Consult, says that SonicWALL was informed of the vulnerability in 2006 and repeatedly failed to respond to their communications.Just a few weeks ago SonicWALL was forced to issue an update for its SSL VPN 200, 2000 and 4000 appliances in order to fix a format string vulnerability. In that case it was reportedly possible to remotely read memory and possibly to inject and execute code. The discoverer of these vulnerabilities also reported difficulties in contacting SonicWALL and in getting information on the vulnerabilities to them."See also:SonicOS Vulnerability, report from SonicWALL.Vulnerabilities in Nortel and SonicWALL productsSonicWALL - SSL-VPN Remote Access, report from aushack.com.(djwm) Heise security - http://www.h-online.com/security/Security-...L--/news/113496 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.