Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

SonicWall Information for VU#298521

Date Notified:2007-09-20
Date Updated:2007-11-05
Statement Date:
Status Summary:Vulnerable

Vendor Statement

SSL-VPN 200 Platform
--------------------
The fix was made publicly available on 7/20/07 with the web-post of
2.1.0.0-8sv. The web-posted firmware contains version 2.1.0.51 of the
NELaunchCtrl ActiveX control, which fixed the issue.

SSL-VPN 2000/4000 Platform
--------------------------
The fix was first made publicly available on 10/22/07 with the web-post
of 2.5.0.0-9sv.  The web-posted firmware contains version 2.5.0.53 of
the NELaunchCtrl ActiveX control, which fixed the issue.

Vendor Information

Addendum

These updates can be obtained from the SonicWall Support page. Please note that the client systems must connect to a NetExtender SSL VPN unit to obtain the fixed control. If you are unable to obtain a fixed version of the control, please disable the ActiveX control.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information