Date: 01 March 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2013.0032
Multiple high severity vulnerabilities have been discovered
in Dell SonicWALL Scrutinizer
1 March 2013
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Dell SonicWALL Scrutinizer
Operating System: Windows
Network Appliance
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Resolution: Patch/Upgrade
Member content until: Sunday, March 31 2013
OVERVIEW
Multiple high severity vulnerabilities were discovered in Dell
SonicWALL Scrutinizer. [1]
IMPACT
The vendor has provided the following details regarding these
vulnerabilities:
"Multiple persistent input validation vulnerabilities were detected
in the Sonicwall OEM Scrutinizer v9.5.2 and earlier applications.
The bugs allow remote attackers to implement/inject malicious script
code on the application side (persistent). Successful exploitation
of the vulnerabilities can lead to persistent session hijacking
(manager/admin), persistent phishing, persistent external redirects to
malware or scam and persistent web context manipulation in the
affected vulnerable module(s). Exploitation requires low user
interaction & a low privileged appliance web application user account.
A blind SQL Injection vulnerability was detected in the Sonicwall OEM
Scrutinizer v9.5.2 and earlier applications. The bug allows remote
attackers to execute/inject own sql statement/commands to manipulate
the affected vulnerable application dbms. Exploitation requires no
user interaction & without privileged application user account.
Successful exploitation of the remote sql vulnerability results in
dbms & application compromise." [1]
MITIGATION
The vendor recommends that users of Dell SonicWALL Scrutinizer
10.1.0 and earlier upgrade to version 10.1.2. [1]
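Because the bulletin gives a fixed version (10.1.2) and an affected range
(10.1.0 and earlier) but no way to triage an estate of installations, the
following added example (not part of the AusCERT bulletin and not vendor
tooling) classifies an inventory of Scrutinizer versions against those
thresholds. Version strings are compared as integer tuples rather than as
text, because a lexicographic comparison would rank "9.5.2" above "10.1.2".
The inventory entries and host names are constructed sample data; the
"below-fixed" status for versions between 10.1.0 and 10.1.2 is this
example's own caveat, since the bulletin does not name such versions.

```python
"""Triage Scrutinizer installations against ASB-2013.0032 (added example).

Thresholds are taken from the bulletin text: the vendor asks users of
10.1.0 and earlier to upgrade to 10.1.2. Everything else here (host
names, status labels, tolerant version parsing) is an assumption of this
example, not something the bulletin or the vendor states.
"""
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

FIXED_VERSION: Version = (10, 1, 2)   # version the vendor recommends upgrading to
LAST_AFFECTED: Version = (10, 1, 0)   # "10.1.0 and earlier" per the bulletin

# Accepts decorations such as a leading "v" or a trailing build tag,
# e.g. "v9.5.2" or "10.1.2 build 1234".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Version]:
    """Return (major, minor, patch) from a version string, or None if absent."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def classify(version_text: str) -> str:
    """Map a version string to one of: affected, below-fixed, fixed, unknown.

    affected    : 10.1.0 or earlier, the range the bulletin tells users to upgrade
    below-fixed : newer than 10.1.0 but older than 10.1.2; not named in the
                  bulletin, so verify with the vendor rather than assume safe
    fixed       : 10.1.2 or later
    unknown     : version string could not be parsed
    """
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    if v <= LAST_AFFECTED:
        return "affected"
    if v < FIXED_VERSION:
        return "below-fixed"
    return "fixed"


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (host, version, status) for every inventory entry.

    Unknown versions are kept in the output on purpose: an appliance whose
    version cannot be read should be investigated, not silently dropped.
    """
    return [(host, ver, classify(ver)) for host, ver in inventory]


def hosts_needing_action(inventory: List[Tuple[str, str]]) -> List[str]:
    """Hosts that are affected, below the fixed version, or unidentifiable."""
    return [host for host, _, status in triage(inventory) if status != "fixed"]


# Constructed sample inventory; these hosts do not exist.
SAMPLE_INVENTORY = [
    ("netflow-01.example.internal", "v9.5.2"),
    ("netflow-02.example.internal", "10.1.0 build 4"),
    ("netflow-03.example.internal", "10.1.1"),
    ("netflow-04.example.internal", "10.1.2"),
    ("lab-scrutinizer.example.internal", "n/a"),
]

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{host:40} {ver:16} {status}")
```

Feed `triage()` the (hostname, version) pairs from your asset register or from
a screen-scrape of each appliance's administration page; anything not
reported as "fixed" should be scheduled for the upgrade the bulletin recommends.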
REFERENCES
[1] Dell SonicWALL Scrutinizer Service Bulletin for Multiple
Vulnerabilities
http://www.sonicwall.com/us/shared/download/Support_Bulletin_-_Scrutinizer_Vulnerabilities_130222.pdf
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----