• Solutions
    • Solutions


    • Scan
    • Analyze
    • Score
    • Automate
    • What is on my network?
      Quickly, comprehensively and accurately assess endpoints and servers for operating system and application vulnerabilities.
    • Which assets are at risk, and what should I do about their vulnerabilities?
      Identify which assets are at risk and receive actionable intelligence to reduce workload and increase effectiveness.
    • How do I measure my overall risk and where should I focus remediation efforts?
      Benefit from a clear, easy-to-understand metric to determine your organization’s security posture.
    • How can I integrate Frontline vulnerability findings into my security workflow?
      Easily integrate discovered, analyzed, scored, and prioritized vulnerabilities into leading security workflow management platforms and SIEMs.
    • Test
    • Educate
    • Compliance
    • How do I assess where I’m exposed from an attacker’s perspective?
      Assess your “network attack surface” and your “personnel attack surface”.
    • How do I ensure all personnel are cognizant of risky “digital behavior”?
      Increase the security IQ of employees, contractors, and patrons to effectively defend against a security breach.
    • Am I meeting requisite compliance standards?
      Leverage the expertise of one of the world’s longest tenured PCI Approved Scanning Vendors (ASV) to achieve compliance AND an optimal level of security.
  • Cloud Subscriptions
    • Frontline Cloud Subscriptions


    • Frontline Advanced™
    • Frontline Pro™
    • Frontline PCI Pro™
    • Frontline Pen Test™
    • Frontline Advanced is Digital Defense’s flagship vulnerability management offering. Powerful and effective, the service is delivered in a rich, affordable and easy to consume subscription.
    • Frontline Pro provides the same industry leading solution subscription as Frontline Advanced, but adds a Personal Security Analyst (PSA) to help lift the burden of vulnerability management.
    • Frontline Payment Card Industry-Professional (Frontline PCI-Pro) service guides businesses through the PCI Data Security Standards (DSS) requirements maze with security expertise and personalized recommendations to achieve compliance.
    • Frontline Pen Test offers a conveniently packaged sequence of periodic (and scheduled) pen tests into an annual subscription.
  • Platform
    • Platform


    • Frontline RNA™
    • Frontline VM™
    • Frontline Reconnaissance Network Appliance (RNA) is a preconfigured network based device used to perform network security assessments without requiring onsite staff.
    • Frontline Vulnerability Manager (VM) is the industry’s most comprehensive, accurate, and easy to use VM platform – bar none.
  • Technologies
    • Technologies


    • DDI NIRV™
    • DDI VRT™
    • DDI DNA™
    • DDI NIRV – the technology core of Frontline RNA™ – works on the principle of real-time event-based tuning. As it learns more about hosts and the network, NIRV adjusts its plugin sets and auditing mechanisms in real time – leading to far more accurate and complete scanning data.
    • While Digital Defense has achieved public acclaim for its superior vulnerability scanning, vulnerability management, and best practice consultative services, we are also actively involved in security threat research.
    • Digital Node Attribution (DNA) is the core technology within Frontline VM that eliminates network drift. As point in time scans from RNA are fed into Frontline Vulnerability Manager™,
  • Professional Services
    • Professional Services


    • Frontline Pen Test Project™
    • Frontline Social Test™
    • SecurED™ Training
    • Understanding and addressing network and host vulnerabilities is, of course, an essential element to strong information security.
    • Social engineering is a popular technique attackers use to gain access to your network and, ultimately, valuable information held by your organization.
    • SecurED, an entertaining awareness training designed to optimize employee retention of serious security intelligence and best practices.
    • TEAM™
    • Consultative Services
    • As your organization grows in size and complexity, determining exposure to information asset risks becomes more challenging, as does your ability to identify threats and implement effective plans to address them.
    • As your organization grows in size and complexity, determining exposure to information asset risks becomes more challenging, as does your ability to identify threats and implement effective plans to address them.
  • Get a Quote

Zero-Day Alert: Email Security Platform

The Digital Defense, Inc. Vulnerability Research Team (VRT) has identified four previously undisclosed security vulnerabilities found in the Dell SonicWALL Email Security platform. Summary information for these flaws can be found below. Read the Full Technical details here.

Checks for the identified vulnerabilities are available now in Frontline™ Vulnerability Manager. Clients are encouraged to run a full vulnerability assessment which includes the checks for the vulnerabilities or run Scan Policy SonicWALL October 2016 Flaws to check specifically for only the vulnerabilities identified in this advisory.

 

Affected Platformszerodayalert_ad
Vendor: Dell
Product: SonicWALL Email Security (virtual appliance)
Versions Tested:  8.3.0.6149
Brief product description: The Dell SonicWALL Email Security platform can be configured as a Mail Transfer Agent (MTA) or SMTP proxy and with spam protection, compliance scanning, anti-malware and anti-virus capabilities.

 

Vulnerability Information
DDI-VRT-2016-69: Authentication Bypass in DLoadReportsServlet (High)

Impact: Sensitive information disclosure including config files and the SHA1 password hash for the admin account.
Vulnerability: The DLoadReportsServlet can be accessed via the http://<IP>/dload_reports URL without authentication. If any backups have been made via the web interface and the Email Security appliance is set as the storage location, they can be downloaded by supplying the path to the backup via the “snapshot” GET parameter which can be used to access any files stored in the backup directory or one of its sub-directories. The global settings backup file contains numerous config files, one which contains the current SHA1 password hash for the admin account.

 

DDI-VRT-2016-70: Authenticated XML External Entity Injection in known_network_data_import.html (High)
Impact: Information disclosure.
Vulnerability: The Configure Known Networks section of the web interface allows users to upload an XML file that contains known networks. This functionality can be abused to retrieve some files from the host running the SonicWALL Email Security software when the web interface tries to parse a crafted XML file.

  

DDI-VRT-2016-71: Authenticated Remote Command Execution in manage_ftpprofile.html (High)
Impact: Arbitrary OS command execution as root, full compromise of the virtual appliance.
Vulnerability: The SonicWALL Email Security appliance has an option to send backup files to a remote FTP server instead of storing them locally on the appliance. To use this functionality, the user would need to create an FTP profile which includes the FTP server address, port, username, password, and destination path. No sanitation is done on the user provided values for the username or password before they are saved for later use. Commands placed inside backticks or semicolons can be injected via the username or password parameters.

 

DDI-VRT-2016-72: Authenticated Arbitrary File Deletion in policy_dictionary.html (High)
Impact: Deletion of arbitrary files with root privileges, denial of service.
Vulnerability: Compliance dictionaries can be added and deleted via the web management interface. When a dictionary is selected for deletion the “save” method is called. This method first verifies that the dictionary selected for deletion is not in use before deleting the dictionary file from disk. The “save” method does not validate that the “selectedDictionary” POST parameter contains a valid dictionary before deleting the file. This allows an authenticated user to delete any files from the host that is running the SonicWALL Email Security software.

 

Solution Description:
Dell has addressed these vulnerabilities and released rollup patch 8.3.2 for the SonicWALL Email Security platform. The patch was made available to customers on October 3, 2016. Learn more at www.mysonicwall.com

Vendor Contact:
Dell
www.mysonicwall.com

 

Not sure if your organization is vulnerable?

Take DDI’s Free 21 Day Trial to Test the Strength of Your External Network.

To learn more about internal network scanning services, contact us.

Share This