Sunday, October 31, 2010

SonicWALL SSL-VPN End-Point: Buffer Overflow Vulnerability

Users of SonicWALL SSL-VPN End-Point, please be advised that a buffer overflow vulnerability has been identified.

For details of this vulnerability, possible remedies, and other advisories, see the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com
SonicWALL-SA-10/29/2010: SonicWALL SSL-VPN End-Point - Buffer Overflow

Affected Software

* SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control
version 10.5.1.117

Description of Vulnerability

Secunia Research has discovered a vulnerability in SonicWALL SSL-VPN
End-Point Interrogator/Installer ActiveX Control, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused by a boundary error in the
"Install3rdPartyComponent()" method in the "Aventail.EPInstaller"
ActiveX control when creating an absolute path name based on values
in the "CabURL" and "Location" arguments. This can be exploited to
cause a stack-based buffer overflow via overly long values.

Successful exploitation allows execution of arbitrary code.
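The class of boundary error the advisory describes, as an added illustration in C that is not SonicWALL's code and not part of the advisory: the first function joins two caller-supplied strings into a fixed stack buffer with no length check, and the second rejects any result that would not fit. The function names, the 260-byte buffer size, and the sample inputs are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define PATH_BUF 260 /* assumed fixed buffer size (Windows MAX_PATH); not from the advisory */

/* Unsafe pattern, shown for comparison and never called here: neither input
 * is bounded, so long values write past the end of the stack buffer `path`. */
void build_path_unchecked(const char *location, const char *cab_url)
{
    char path[PATH_BUF];
    const char *slash = strrchr(cab_url, '/');
    strcpy(path, location);                      /* no bound on location */
    strcat(path, "\\");
    strcat(path, slash ? slash + 1 : cab_url);   /* no bound on the URL file name */
    printf("%s\n", path);
}

/* Checked form: returns 0 and fills `out` on success, -1 if an input is
 * missing or empty or the joined path would not fit in `outsz` bytes. */
int build_path_checked(char *out, size_t outsz, const char *location, const char *cab_url)
{
    const char *slash, *name;
    int n;

    if (!out || outsz == 0 || !location || !cab_url) return -1;
    out[0] = '\0';
    slash = strrchr(cab_url, '/');
    name = slash ? slash + 1 : cab_url;          /* file name part of the URL */
    if (*location == '\0' || *name == '\0') return -1;
    n = snprintf(out, outsz, "%s\\%s", location, name);
    if (n < 0 || (size_t)n >= outsz) {           /* truncated: treat as an error */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char path[PATH_BUF], big[1024];              /* constructed sample inputs */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    if (build_path_checked(path, sizeof path, "C:\\Temp", "https://vpn.example/pkg/component.cab") == 0)
        printf("accepted: %s\n", path);
    if (build_path_checked(path, sizeof path, big, "https://vpn.example/a.cab") != 0)
        printf("rejected: overly long Location value\n");
    return 0;
}
```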
 
