This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9 Webproxy Content-Scanning can be bypassed

Hi Community,

what do you think about this? 

noxxi.de/.../sophos-utm-webprotection-bypass2.html

noxxi.de/.../http-evader.html

My point of view is, that sophos could at least mention the researches that provided information to caveats, thats the minimum of appreciation the could provide. The information in the changelog regarding the technical background could be more accurate!

The other thing is (quite not an easy decision) the question (yes/no) to tell the customers/resellers, that the product IS vulerable to certain techniques/websites and that the security features can be bypassed in a pretty simple way. As such possibilites are already known in public, I think a vendor should care about this. I don´t feel good to get to know about such things somewhere, but not on the vendors site. Maybe Sophos already discussed this in public, but so far I didn´t get to know about that.

As I can extract from the text, at least the "Bypass Using Invalid Headers" Vulnerability is still open...

My question @Sophos: What do you know about this and what are you doing regarding this problem?

Regards

Sebastian



This thread was automatically locked due to age.
Parents Reply Children
  • Hi Scott,

    well, I think this is in interest of all the utm users, as it seems to affect most machines that are on the newest firmware level. And as this is "not-only" a user forum, I think the vendor may and should also comment on these results. Of course I can open a ticket, but even If I would have no paid support, Sophos SHOULD be interested in this fact, right?!