Resolved vulnerabilities in SNS 3.7.12 LTSB

S7 protocol

The firewall would restart unexpectedly whenever:

  • S7 traffic included an exchange containing an invalid request packet followed by an invalid response packet,
    and
  • The alarm "S7: invalid protocol" (alarm s7:380) was set to "Pass",
    and
  • The option "Log each S7 request" was enabled in the S7 protocol parameters.

This flaw has been fixed.

Certificates and PKI

Checks are now conducted when certificates are processed, to prevent the execution of JavaScript code, which can be embedded in specially crafted certificates for malicious purposes.

Details on this vulnerability can be found on our website https://advisories.stormshield.eu.

SIP over TCP protocol

An anomaly, which could result in a SIP session double lock and the sudden shutdown of the SIP over TCP protocol analysis, has been fixed.

Details on this vulnerability can be found on our website https://advisories.stormshield.eu.

SNMP

Support reference 76629

Running an SNMP operation after a wrong OID (one that does not begin with ".") has been added to the blacklist in the SNMP protocol parameters no longer causes the firewall to reboot in a loop.

Details on this vulnerability can be found on our website https://advisories.stormshield.eu.

FreeBSD

The vulnerability CVE-2020-7451, which is due to a field that was not properly initialized in the IPv6 header of the TCP network stack, was fixed with the application of a FreeBSD security patch.

NetBIOS

A vulnerability made it possible to send specially crafted NetBIOS packets through the firewall during NetBIOS sessions to launch denial of service attacks.

Details on this vulnerability can be found on our website https://advisories.stormshield.eu.

NTP service

Vulnerability CVE-2019-8936 was resolved and various fixes were applied with the upgrade of the NTP service to version 4.2.8p14.