Resolved vulnerabilities in SNS 4.0.3
S7 protocol
The firewall would restart unexpectedly whenever:
- S7 traffic included an exchange containing an invalid request packet followed by an invalid response packet,
and - The alarm "S7: invalid protocol” (alarm s7:380) was set to "Pass",
and - The option “Log each S7 request” was enabled in the S7 protocol parameters.
This flaw has been fixed.
SIP over TCP protocol
An anomaly, which could result in a SIP session double lock and the sudden shutdown of the SIP over TCP protocol analysis, has been fixed.
Details on this vulnerability can be found on our website https://advisories.stormshield.eu.
SNMP
Support reference 76629
Running an SNMP operation when a wrong OID (that does not begin with ".") is added to the blacklist in the SNMP protocol parameters, no longer causes the firewall to reboot in loop.
Details on this vulnerability can be found on our website https://advisories.stormshield.eu.
FreeBSD
If a field in the IPv6 header was not properly initialized, it would cause a memory leak that cannot be exploited.
This vulnerability (CVE-2020-7451) was fixed after a security patch was applied to the FreeBSD TCP network stack.
NetBIOS
A vulnerability made it possible to send specially crafted NetBIOS packets through the firewall during NetBIOS sessions to launch denial of service attacks.
Details on this vulnerability can be found on our website https://advisories.stormshield.eu.