Sidewinder G2 Firewall Admin Interface Private Key Export

2004-05-18T05:45:34
ID OSVDB:6235
Type osvdb
Reporter OSVDB
Modified 2004-05-18T05:45:34

Description

Vulnerability Description

Sidewinder G2 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the firewall certificates are exported, which will disclose the private key, resulting in a loss of confidentiality.

Solution Description

Upgrade to version 6.1.0.02 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Sidewinder G2 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the firewall certificates are exported, which will disclose the private key, resulting in a loss of confidentiality.

References:

Vendor URL: http://www.securecomputing.com/ Vendor Specific Solution URL: ftp://ftp.activations.securecomputing.com/packages/sidewinder/6.1/61002 Vendor Specific Advisory URL Secunia Advisory ID:11632 Related OSVDB ID: 6232 Related OSVDB ID: 6231 Related OSVDB ID: 6234 Related OSVDB ID: 6236 Related OSVDB ID: 6233 CVE-2004-2544