Sophos fixes vulnerabilities in its Web security appliance

The flaws could allow attackers to execute commands with high privileges and read sensitive passwords stored on the product

By Lucian Constantin, IDG News Service |  Networking

Williams analyzed different types of appliances from some of the leading security vendors, including Symantec, Sophos, Trend Micro, Cisco, Barracuda, McAfee and Citrix, and said that over 80 percent of them contained serious vulnerabilities that were relatively easy to find.

One of the examples Williams presented during his talk at Black Hat Europe, and covered in more detail in a white paper released later, involved multiple vulnerabilities he found in the Sophos Email Appliance last year.

"The Sophos Email Appliance (v3.7.4.0) had multiple vulnerabilities which in combination could allow the system to be fully compromised, giving an attacker both administrative access to the UI, and a root shell on the underlying operating system," Williams said in the paper. "These included various instances of command injection, XSS with session-hijacking, CSRF, session-fixation, etc."
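
The paper does not say which parameter in the appliance UI was injectable, so the following is an added illustration, not Sophos code or code from Williams' paper: a constructed "diagnostics" handler of the kind appliance admin UIs commonly expose, which takes a hostname from the operator and runs a command with it. The endpoint, parameter name and the use of echo in place of the real diagnostic command are assumptions made so the example runs offline. It shows why command injection in a UI that runs as root yields a root shell, and the two fixes that matter: allow-list the input, and never route it through a shell.

```python
import re
import subprocess

# Constructed example (not from the original article): a single-label or
# dotted hostname, RFC 1123 style. Anything else is rejected before use.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)"
    r"([a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)*"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$",
    re.IGNORECASE,
)


def diagnostics_vulnerable(host: str) -> str:
    """The bug class Williams describes: the command line is built by string
    interpolation and handed to /bin/sh. Shell metacharacters in `host`
    (; | & $( ) backticks) become additional commands. When the web server
    runs as root, as it often does on an appliance, that is a root shell.
    `echo` stands in for the real diagnostic command (assumed: ping)."""
    cmd = f"echo {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def diagnostics_argv_only(host: str) -> str:
    """Defence 1: pass the value as one argv element with no shell in the
    path. Whatever the string contains, it can only ever be one argument to
    `echo`, never a second command. Shown without validation to isolate the
    effect of dropping the shell."""
    return subprocess.run(["echo", host], capture_output=True, text=True).stdout


def validate_hostname(host: str) -> str:
    """Defence 2: allow-list the input against the grammar of what the
    handler actually needs (a hostname), rather than deny-listing shell
    characters."""
    if not HOSTNAME_RE.match(host):
        raise ValueError(f"rejected hostname: {host!r}")
    return host


def diagnostics_hardened(host: str) -> str:
    """Both defences together: validate, then execute without a shell."""
    return diagnostics_argv_only(validate_hostname(host))


def injected_lines(output: str):
    """Every output line beyond the first is something the shell ran that
    the handler never intended; an empty list means no injection occurred."""
    return output.splitlines()[1:]


if __name__ == "__main__":
    payload = "example.com; echo INJECTED"  # constructed attacker input
    print("vulnerable  :", repr(diagnostics_vulnerable(payload)))
    print("argv only   :", repr(diagnostics_argv_only(payload)))
    try:
        diagnostics_hardened(payload)
    except ValueError as err:
        print("hardened    :", err)
    print("hardened ok :", repr(diagnostics_hardened("example.com")))
```

Run on Linux or macOS, where /bin/sh and echo exist. The argv-only variant is the one worth internalising: input validation can be bypassed by a second bug, but a process started from an argv list has no parser in front of it that could turn data into commands.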

Sophos addressed those flaws in January 2013, along with other issues discovered during its own security review of the product. Williams commended Sophos for the auto-update feature built into its appliances, which he said is not the norm in products from other vendors.
