Service Bulletin: SonicWALL Network Security Appliances
SonicWALL TZ, PRO and NSA appliances running SonicOS Enhanced and using the Content Filtering Service (CFS) block page.
A vulnerability has been found in SonicWALL network security appliances running SonicOS Enhanced that allows remote attackers to execute a script injection attack on arbitrary sites through vulnerable installations of SonicWALL appliances taking advantage of the CFS block page. User interaction is required to exploit this vulnerability in that the user must visit a malicious Web page or open a malicious Web link. The specific flaw exists in the default error page displayed when a user requests access to a Web site that is blocked based on the device’s content filtering rules. Insufficient sanity checks allow an attacker to craft a URL that will trigger an error and simultaneously inject a malicious script. As the browser is unable to differentiate between content delivered from the original top level site requested and the inline device, the script injection occurs under the context of the target domain. This can result in various further compromises.
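To make the flaw class concrete, the following Python is an added illustration, not SonicWALL's code: a minimal filtering block page that reflects the requested URL back to the browser. The vulnerable renderer echoes the decoded URL unencoded, the hardened one HTML-entity encodes every reflected fragment and allowlists the scheme before reusing it in an attribute, and a small check flags whether a captured page carries markup the template itself never emits. The sample URL, the page template and the function names are constructed for this example.

```python
"""Reflected script injection in an inline filter's block page, vulnerable vs hardened.
Added illustration, not vendor code."""
import html
import re
from urllib.parse import unquote, urlsplit

# Constructed request: the URL the user asked for, which the filter decided to block.
# The block page is served by the inline device, but the browser attributes it to the
# blocked site's origin, so anything reflected from this value must be treated as
# untrusted input on that site's behalf.
REQUESTED_URL = "http://blocked.example/news?q=%22%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"

_TEMPLATE = (
    "<html><body><h1>Access Blocked</h1>"
    '<p>The site <a href="{href}">{shown}</a> is blocked by policy.</p>'
    "</body></html>"
)


def render_block_page_vulnerable(requested_url: str) -> str:
    """Echoes the decoded URL straight into the HTML (the flaw class in the bulletin)."""
    decoded = unquote(requested_url)
    return _TEMPLATE.format(href=decoded, shown=decoded)


def render_block_page_hardened(requested_url: str) -> str:
    """Same page, but every reflected fragment is entity-encoded so the browser parses
    it as text, never as markup; the href additionally gets a scheme allowlist, since
    entity encoding alone does not stop javascript: or data: URLs in an attribute."""
    decoded = unquote(requested_url)
    shown = html.escape(decoded, quote=True)
    scheme = urlsplit(decoded).scheme.lower()
    href = shown if scheme in ("http", "https") else ""
    return _TEMPLATE.format(href=href, shown=shown)


_SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)


def reflects_markup(page: str) -> bool:
    """Crude defender's check for a captured block page: a literal <script tag can only
    come from reflected input, because the template never emits one."""
    return _SCRIPT_TAG.search(page) is not None


if __name__ == "__main__":
    for name, render in (("vulnerable", render_block_page_vulnerable),
                         ("hardened", render_block_page_hardened)):
        page = render(REQUESTED_URL)
        print(f"{name}: reflects markup = {reflects_markup(page)}")
```

The hardened renderer is the remediation shape the bulletin implies: output encoding at the point where the requested URL is written into the page, applied in the inline device, because the browser will run whatever it receives under the blocked site's origin rather than the appliance's.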
Customers utilizing the CFS block page on a TZ, PRO or NSA appliance running SonicOS Enhanced are susceptible to the vulnerability.
Customers with SonicWALL appliances susceptible to this vulnerability should download the latest version of SonicOS Enhanced by visiting www.mysonicwall.com:
- SonicOS 126.96.36.199e for the TZ 170, TZ 170 W, TZ 170 SP, TZ 170 SPW, PRO 1260
- SonicOS 188.8.131.52e for the TZ 180, TZ 180 W, TZ 190, TZ 190 W
- SonicOS 184.108.40.206e for the PRO 2040, PRO 3060, PRO 4060, PRO 4100, PRO 5060
- SonicOS 220.127.116.11o for the NSA 2400, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500
- SonicOS 18.104.22.168o for the NSA 240
Note: Customers with SonicWALL appliances running SonicOS Standard and utilizing the CFS block page are not susceptible to this vulnerability.
For more information about this Service Bulletin, please contact SonicWALL Support Services: http://www.sonicwall.com/us/Support.html