Skip to page contents

---

International (select)  Extranet |

---

---

Products    Training    Support    Downloads    Partners Contact | About us | Press & Media | Investor Relations

---

Support Offering | Security Advisories | Technical Product Documentation | Request Support | Product Life-cycle | License Center | Downloads | Contact Information |

---

• MAPP

---

---

Stonesoft Corporation Security Advisory

Date:   14 Nov, 2008
Title:  Buffer Overflow in Anti-Virus Component of StoneGate UTM
Solution
Refs:   SecurityFocus BID 32207

Severity: High

1. Overview

ClamAV anti-virus toolkit has a buffer overflow in the get_unicode_name function. A properly chosen file may cause the anti-virus component to crash or to run arbitrary code.

Stonesoft products are affected as stated below.

2. StoneGate Firewall and VPN

The vulnerable version of ClamAV anti-virus toolkit is included in the StoneGate High Availability Firewall and VPN engine version 4.3.0. This version is also called the StoneGate UTM solution. The vulnerable version of Firewall and VPN engine is affected only if the anti-virus component is in use.

No other StoneGate Firewall and VPN engine versions are affected.


Recommended Actions:

The StoneGate Firewall and VPN users who are using the vulnerable engines should upgrade to the engine version 4.3.1 as soon as it will become available. Stonesoft estimates this to happen during November, 2008.

While waiting for the upgrade, the vulnerable StoneGate Firewall and VPN engine users are recommended to disable the anti-virus functionality in the firewall.

3. StoneGate IPS Sensor and Analyzer

StoneGate IPS Sensor and Analyzer engines are not affected.

4. StoneGate SSL VPN

StoneGate SSL VPN engines are not affected.

5. StoneGate Management Center

The StoneGate Management Center is not affected.

6. StoneGate VPN Client

The StoneGate VPN Client is not affected.

7. StoneBeat HA

StoneBeat HA is not affected.

8. StoneBeat Clustering Products

StoneBeat Clustering products are not affected.

9. Appendices

Stonesoft Security Analysis Group's PGP key is available at: http://www.stonesoft.com/system/galleries/download/other_files/Stonesoft-Security-Alert.asc

To report or to inquire about a security problem with Stonesoft software, please contact one or more of the following:

Stonesoft Support

Stonesoft Security Analysis Group: security-alert(AT)stonesoft.com


The information contained in this advisory is provided on an as-is basis. Stonesoft does not make any warranties of any kind with respect to the information contained in this advisory. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES ARE HEREBY DISCLAIMED AND EXCLUDED TO THE EXTENT ALLOWED BY APPLICABLE LAW.

IN NO EVENT WILL STONESOFT CORPORATION BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES HOWEVER CAUSED ARISING OUT OF THE USE OF OR INABILITY TO USE THE INFORMATION CONTAINED IN THIS ADVISORY.

If any of the above provisions are held to be in violation of applicable law, void, or unenforceable in any jurisdiction, then such provisions are waived to the extent necessary for this disclaimer to be otherwise enforceable in such jurisdiction.

Copyright 2008 Stonesoft Corporation. All rights reserved.

Stonesoft, StoneGate and StoneBeat are trademarks or registered trademarks of Stonesoft Corporation in Finland and other countries. All other company and product names contained herein are property of their respective holders. This advisory may be reproduced and distributed only in its unaltered form and only for non-commercial purposes.

---