In association with heise online

27 May 2009, 16:11

Vulnerabilities in Nortel and SonicWall products

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Security services provider SEC Consult has issued reports of vulnerabilities in Nortel and SonicWall products. Two vulnerabilities in Nortel Contact Center Manager Server allow unauthorised access to the server. According to the report, administrative rights can easily be obtained by setting a cookie with simple content. In addition, in response to certain queries the SOAP interface returns passwords in plain text. Nortel has released an update which fixes the problems.

Vulnerabilities in SonicWall's Global Security Client (GSC) and Global VPN Client (GVC) allow privilege escalation. In GSC, it merely requires an attacker to call a windows command line (cmd.exe) via the Eventviewer – this then runs with SYSTEM privileges. In GVC, attackers can replace the binaries for the VPN service with programs of their choice.

In addition, the SonicOS appliance operating system contains a format string vulnerability which can be used to crash the system. According to SEC Consult, no patch or update has been released by SonicWall despite the vulnerability having been reported in 2006. According to the report, further attempts to contact SonicWall have been met with – a wall of silence.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit