This vulnerability allows attackers to perform "man-in-the-middle" session hijacking against various browser-based and non-browser SSL implementations. Once an attacker obtains a specially crafted null-byte-stuffed certificate designed to imitate the origin content server, the privacy of the data can be compromised, since the user receives no distinguishable notification that the secure connection has been intercepted by an unknown third party. In addition, SSL sessions compromised as a result of the above-mentioned vulnerability can be used to install unwanted trojans and malware on the victim's computer.
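The following added example is not part of the SonicWALL advisory and is not SonicWALL code. It assumes the null byte is embedded in the certificate subject's hostname field, so that a length-prefixed ASN.1 string survives parsing but a later C-string-style comparison stops at the null and only sees the prefix. The block contrasts that flawed comparison with a length-aware, grammar-checked one, and shows what a detection rule would want to log about such a name. All sample names are constructed.

```python
import re

# Constructed sample subject Common Names (not taken from the original advisory).
LEGIT_CN = "www.example.com"
# A DER-encoded name carries its own length, so an embedded NUL is legal at the
# ASN.1 layer. Code that later treats the bytes as a C string stops at the NUL
# and compares only the part before it (assumed mechanism for this example).
NULL_STUFFED_CN = "www.example.com\x00.attacker.example"

# RFC 1123-style host grammar: labels of letters, digits and hyphens, no leading
# or trailing hyphen. A NUL or any other control character can never match this.
_HOST_RE = re.compile(
    r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*"
)


def c_string_view(name: str) -> str:
    """Mimic a NUL-terminated read of the name (the flawed behaviour being detected)."""
    nul = name.find("\x00")
    return name if nul < 0 else name[:nul]


def vulnerable_hostname_match(cn: str, expected_host: str) -> bool:
    """Comparison that only looks at the characters before the first NUL."""
    return c_string_view(cn).lower() == expected_host.lower()


def hardened_hostname_match(cn: str, expected_host: str) -> bool:
    """Length-aware comparison that first rejects any name outside host grammar."""
    if _HOST_RE.fullmatch(cn) is None:  # NUL bytes and other junk fail here
        return False
    return cn.lower() == expected_host.lower()


def inspect_name(cn: str) -> dict:
    """Fields a gateway or log-analysis rule would record about a suspicious name."""
    nul = cn.find("\x00")
    return {
        "has_null": nul >= 0,
        "displayed_prefix": cn if nul < 0 else cn[:nul],
        "hidden_suffix": "" if nul < 0 else cn[nul + 1:],
        "hostname_grammar_ok": _HOST_RE.fullmatch(cn) is not None,
    }


if __name__ == "__main__":
    for cn in (LEGIT_CN, NULL_STUFFED_CN):
        print(
            repr(cn),
            "vulnerable:", vulnerable_hostname_match(cn, "www.example.com"),
            "hardened:", hardened_hostname_match(cn, "www.example.com"),
            inspect_name(cn),
        )
```

The design point is that the hardened check validates the whole name against a strict grammar before comparing, and compares the full length of both strings; a name that the flawed check accepts is rejected outright, and `inspect_name` exposes the hidden suffix that a signature such as the one described above would key on.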
The vulnerability was first publicly disclosed during the BlackHat security conference briefings in Las Vegas on July 29-30, 2009. On July 31, 2009, users of SonicWALL's Unified Threat Management technology received updated signatures designed to protect against this threat. SonicWALL has issued the following IPS signature:
IPS SID: 1266 EXPLOIT - SSL Server Certificate Null Byte Poisoning.
SonicWALL has developed unique technologies to deliver zero-day gateway anti-virus, anti-spyware and intrusion prevention signatures to its subscribers on a continual basis, allowing them to defend against new and existing Internet attacks and exploits such as phishing, viruses, DHA or DoS attacks and more. Customers with a current subscription to SonicWALL's gateway threat prevention services are not affected by this vulnerability.
Further information on these and other vulnerabilities is available at:
About SonicWALL, Inc.
SonicWALL, Inc., the leader in network security, focuses on developing solutions that remove the cost and complexity from managing a secure network environment. With over one million award-winning appliances shipped through its global network of ten thousand channel partners, SonicWALL provides end-to-end solutions including Firewalls, SSL VPNs, Email Security and Continuous Data Protection that collectively ensure robust, secure network protection. For more information, visit the company web site at http://www.sonicwall.com/.