SonicWALL Adds Protection From SSL Certificate Null Byte Poisoning Exploit
Vulnerability allows attackers to perform "man-in-the-middle" session hijacking against various browser and non-browser based SSL implementations
August 5, 2009
SUNNYVALE, Calif., Aug. 3 /PRNewswire-FirstCall/ -- SonicWALL, Inc. (Nasdaq: SNWL), a leading secure network infrastructure company, has deployed protection against the SSL Certificate Null Byte Poisoning vulnerability (CVE-2009-2408). Users of the company's Unified Threat Management Firewall technology, which protects against viruses, Trojans, worms and other threats and vulnerabilities, automatically receive updated signatures designed to repel security threats.
This vulnerability allows attackers to perform "man-in-the-middle" session hijacking against various browser and non-browser based SSL implementations. Once an attacker successfully obtains a specially crafted, null-byte-stuffed certificate designed to imitate the origin content server, the privacy of the data can be compromised, since the user receives no distinguishable notification that the secure connection has been intercepted by an unknown third party. In addition, SSL sessions compromised as a result of this vulnerability can be used to install unwanted trojans and malware on the victim's computer.
The vulnerability was first publicly disclosed during the BlackHat security conference briefings in Las Vegas on July 29-30, 2009. On July 31, 2009, users of SonicWALL's Unified Threat Management technology received updated signatures designed to protect against this threat. SonicWALL has issued the following IPS signature:
IPS SID: 1266 EXPLOIT - SSL Server Certificate Null Byte Poisoning.
SonicWALL has developed unique technologies to deliver zero-day gateway anti-virus, anti-spyware and intrusion prevention signatures to its subscribers on a continual basis, allowing them to defend against new and existing Internet attacks and exploits such as phishing, viruses, DHA or DoS attacks and more. Customers with a current subscription to SonicWALL's gateway threat prevention services are not affected by this vulnerability.
Further information on these and other vulnerabilities is available at:
About SonicWALL, Inc.
SonicWALL, Inc., the leader in network security, focuses on developing solutions that remove the cost and complexity from managing a secure network environment. With over one million award-winning appliances shipped through its global network of ten thousand channel partners, SonicWALL provides end-to-end solutions including Firewalls, SSL VPNs, Email Security and Continuous Data Protection that collectively ensure robust, secure network protection. For more information, visit the company web site at http://www.sonicwall.com/.