Are SonicWall firewalls vulnerable against CVE-2016-6515?

Description

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.

Resolution

SonicOS (firewall) is not vulnerable as it does not use OpenSSH code for authentication.

References used:

  • https://nvd.nist.gov/vuln/detail/CVE-2016-6515

Related Articles

  • How to configure Link Aggregation
    Read More
  • Web Proxy Forwarding is not Supported to a Server on the LAN
    Read More
  • How to block ICMP (Ping ) using Application control
    Read More

Categories

Firewalls
SonicWall NSA Series
Firmware
Firewalls
SonicWall SuperMassive 9000 Series
Firmware
Firewalls
TZ Series
Firmware
not finding your answers?
Ask the Community