The following hotfix can be applied only to systems running 10.6.2

  • SonicWALL recommends installing both the clt and pform hotfixes at the same time as they are inter-dependent.

Hotfixes

 Client-side fixes

clt-hotfix-10.6.2-320 Download | README | Updated 16-Apr-2013
Customer-reported issues fixed in this hotfix include, by subcomponent:

  • Problems with AD Tree authentication.
  • Not showing all domains in drop down after closing connection.
  • CEM support for IP based only redirection (disable name based redirection).
  • Client crashing Explorer everytime when connecting.
  • [ActiveX/RDP] RDP (NAM) bookmark-based access provisioned with ActiveX fails.
  •  Buffer overflow vulnerability in Connect Tunnel for Windows.
  • User Credentials are stored in plaintext in memory which is reported as Security Threat (10.6.3)
  • When logging in to CT it displays a message timeout exceeded on 10.6.2 firmware
  • CTS is not working with Username/Password incorrect message
  • In Workplace, CT Installation/upgrade fails for win8,win7(32/64bit)
  • Aventail Connect offers certificate issued for another purpose then client authentication
  • Hardening local admin access on PC's  for network logon / remote tunnel users.
 Appliance-side fixesPform-hotfix-10.6.2-301 Download | README | Updated  19-Feb-2013
Customer-reported issues fixed in this hotfix include, by subcomponent:

System/Platform
  • viewLog.do filename variable directory transversal.
  • OD port map resource can be deleted without the complete de-reference of its shortcut.
  • Able to logon with false password when password changed checked and enabled at AD server.
  • AD Tree Authentication Tweaks via CEM using krb5.conf.
  • evpn fails with error when a tunnel connection is attempted using mobile connect or CT.
  • Problems with AD Tree authentication. 
  • Services stopping, users getting disconnected, thread count growing  .
  • Services stopping LDAP related.
  • platform hotfix causes Policy server restarts if any AD auth server is configured without domain .
  • SNMP queries on large datasets are very slow, leading to backpressure / outages..
  • 10.6.2-231 platform hotfix causes Policy server restarts if any AD auth server is configured without domain.
  • Services stopping LDAP related.
  • Services stopping, users getting disconnected, thread count growing.
  • The appliance has detected that the system has been modified post upgrade to 10.6.2
  • AMC user search page displays 'Error - could not load configuration file /tmp/amc_krb5.conf'.
  • Issues with Rollback/Hotfix Removal in AMC.
  • Unable to Delete realms.
  • 10.6.2 Hotfix installation on a FIPS enabled appliance shows error during reboot.
  • Password change failing when using AD tree authentication.
  • EVPN filtering redirects to EW results in ConnectionsIDs prematurely closed
  • Connect tunnel failing to connect with Explorer.exe crashing on Windows 7 and Windows XP machines .
  • All Users dropped, services stopped cores were produced.

 

 
 Workplace/Access Methods
 

  • iPad/iPhone/Android user placed in default zone.
  • RDP bookmarks are getting filtered if no access agents are enabled for a community in MobileConnect..
  • RDP (NAM) bookmark-based access provisioned with ActiveX fails.

.