Service Bulletin: SonicWALL SSL VPN Vulnerabilities
Affected Products
NetExtender on the SonicWALL SSL-VPN 200, 2000 and 4000 platforms
Issue Summary
Firmware v3.0 is now available to all customers to address vulnerabilities discovered in NetExtender on the SSL-VPN 200, 2000 and 4000 products.
Details
Recently, several vulnerabilities in the NetExtender ActiveX control were reported by Mike Zusman, a Senior Consultant for Intrepidus Group. He reported that an arbitrary executable program could be downloaded and executed. To prevent this, SonicWALL now signs the NetExtender installer and validates the installer's signature before it is launched. Mike also demonstrated a method to repurpose the ActiveX control; this was resolved by introducing server validation that includes dynamically generated encryption keys.
Issue Resolution
Please visit www.mysonicwall.com to obtain a copy of firmware version 3.0 for your SSL-VPN 200, 2000 and/or 4000 product(s), with or without a valid support contract.


