In association with heise online

31 October 2008, 15:35

SonicWall fixes vulnerabilities in its routers

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

SonicWall has released an update for its SonicOS Enhanced router operating system for the SonicWALL TZ 190, TZ 190 Wireless, TZ 180 and TZ 180 Wireless devices. The firmware update removes two vulnerabilities along with other changes. It prevents attackers from carrying out DNS cache poisoning attacks on its routers and redirecting users to specially crafted web pages, a problem which has been known about since the beginning of July.

The update also solves a problem with the display of the error page that appears when a users tries to access a blocked web page. In certain circumstances, vulnerable firewalls execute attached JavaScript code in the context of the accessed domain. According to The Zero Day Initiative (ZDI), who discovered the hole, the vulnerability could be exploited for more extensive attacks.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit