Cyberoam generates fix for 'nullified' vulnerability

Powered by SC Magazine
 

Generates unique certificates.

Security vendor Cyberoam has issued a hotfix for a interception vulnerability it downplayed this week. 

The fix replaces generic certificates within Cyberoam Unified Threat Management (UTM) devices with unique ones.This squashes the possibility that the Deep Packet Inspection (DPI) modules could intercept traffic from users assigned to different Cyberoam UTM boxes.

Tor security researcher Runa Sandvik and OpenDNS’ Ben Laurie discovered the that units used shared certificates which users must accept to have their encrypted traffic scanned, ostensibly for security threats.

Users accepting the certificates could be scanned by any Cyberoam DPI unit, researchers said.

Cyberoam refuted the allegations along with suggestions by the researchers that private keys could be extracted from the devices.

"Cyberoam UTM either accepts or rejects, but does not store HTTPS Deep Scan Inspection data, as processing is done in real-time. The possibility of data interception between any two Cyberoam appliances is hence nullified," the company said on its blog.

“.. theoretically it is possible to decrypt SSL data using a conned private key. Cyberoam UTM does not allow import or export of the foresaid private key used for the SSL-Bridging technology.”

The fix generates a positive alert when it has been successfully applied.

Copyright © SC Magazine, Australia


Cyberoam generates fix for 'nullified' vulnerability
Via Flickr
 
 
 
Top Stories
At the top of her game
A decision to bring digital operations back in-house three years ago has paid big dividends for Tabcorp.
 
Westpac hires SAP man as CTO
Creates four new IT lead positions.
 
Qld Transport to replace core registration system
State's biggest citizen info repository set for overhaul.
 
 
Via Flickr
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  21%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 964

Vote