Skip to main content

Posts

Showing posts from August, 2015

OpenSSL X509_cmp_time DoS

After receiving the certificate (either from client to server or server to client) OpenSSL calls X509_cmp_time to perform various checks on the certificate including comparison of notBefore and notAfter validity times against the current time. The function allocates buffer to store bytes in VisibleString. The malformed VisibleString can lead to a read read-access violation, which leads to termination of application Using crafted certificate with malformed UTCTime or GeneralizedTime field Remote attacker can exploit this vulnerability causing denial of service. The vulnerability is referred by CVE as  CVE-2015-1789. If your security devices haven’t patch for this vulnerability, kindly look for update and patch it. If you are using Security Devices from Dell SonicWall, Dell SonicWALL has released an IPS signature to detect and block exploitation attempts targeting this vulnerability. The signature is listed below: 11109 OpenSSL X509 DoS 11110 OpenSSL X509 DoS 1 Ha

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft has released an out-of-band security advisory on Aug 18, 2015 to address a critical Memory Corruption Vulnerability. It has been referred as MS15-093 . This vulnerability exists in Internet Explorer when the vulnerable versions of Internet Explorer improperly parse specially crafted webpage. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. It affects all versions of Internet Explorer. The affected users are suggested to install the update immediately, or apply the workarounds from the advisory The vulnerability is referred by CVE as   CVE-2015-2502.   Have a good time. (Be knowledgeable, pass it on then)

Microsoft Security Bulletin Coverage (August 11, 2015)

Microsoft has released security advisories as usual for month of August, 2015. You security devices, OS and Application should able to prevent below CVE ID. Otherwise, please patch first. If you are using Dell SonicWall Security Devices in your premises, then they all are patched. MS15-079  Cumulative Security Update fro Internet Explorer CVE-2015-2423  Unsafe Command Line Parameter Passing Vulnerability This is a local vulnerability. CVE-2015-2441  Memory Corruption Vulnerability There are no known exploits in the wild. CVE-2015-2442  Memory Corruption Vulnerability IPS: 11076  "Internet Explorer Memory Corruption Vulnerability (MS15-079) 1" CVE-2015-2443  Memory Corruption Vulnerability IPS: 11077  "Internet Explorer Memory Corruption Vulnerability (MS15-079) 2" CVE-2015-2444  Memory Corruption Vulnerability IPS: 11078  "Internet Explorer Memory Corruption Vulnerability (MS1

How to Configure a Route-Based VPN by using Tunnel Interface between two SonicWALL UTM appliances

It is not possible in SonicWall UTM Appliacnes to connect between Spoke to Spoke in Hub and Spoke IPSec VPN topology as Gateway in Spoke can only one time. We can solve this issue by using Route-Based VPN with Tunnel Interface. Take a look at below sample network diagram and let's configure route-based vpn in two sonicwall utm appliances. Step 1: Log into the SonicWALL Go to VPN > Settings and click on Add. The General tab of Tunnel Interface VPN named 'to 2' is shown w/ the IPSec Gateway equal to the other device's X1 IP address, 2.2.2.2 Step 2: Go to Network > routing and click Add . The Route Policy example shown below is one in which the source is Any, and the destination is the "2 Subnets", the service is Any, and the Interface is set to the name of the previously-created Tunnel Interface VPN, named 'to 2' ; note that the Gateway field is grayed out because SonicOS is smart enough to know that there is alrea

Save and Support victims of flooding in Myanmar