Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

10.2.0.5 - extendauthentication return code 500

BWCBWC Cybersecurity Overlord ✭✭✭

Hi all,

does anybody knows why this happens since upgrade to 10.2.0.5 when accessing a RDP bookmark? It does not always happen, it seems that some component of the internal apache is either crashing or nor processing the request correctly. The RDP connection is working though.

SMAConnectAgent Log

2021-02-09 07:57:07.167      Error: Request for (/cgi-bin/extendauthentication) return code (500)
2021-02-09 07:57:07.167      Query sessionId failed.

SMA log

msg="ExtendID (query) failed extendid: 'XXXXXXXXXXXXXXXXX='"

Anyone already opened a ticket on this?

--Michael@BWC

Category: Secure Mobile Access Appliances
Reply

Answers

  • CCAdminCCAdmin Newbie ✭

    I haven't opened a ticket, but I'm getting a lot of the same errors in the SMA log after the 10.2.0.5-29sv patch. It also seems to be limited to RDP bookmark users.

    I'm also seeing a lot of these similar errors as well. I assume it's someone probing the SMA since no one seems to ever logs in from the associated IP addresses.

    SMA Log:

    ExtendID (query) invalid extendid: '0' union select sessionId from Sessions limit 1 --'

    ExtendID (query) invalid extendid: '1' or substr((select sessionId from Sessions Limit 1 OFFSET 0),1,1)='q';--''

  • BWCBWC Cybersecurity Overlord ✭✭✭

    Hi @CCAdmin

    FYI a customer reported that the log entries I reported above are no longer there since Firmware 10.2.0.6.

    --Michael@BWC

Sign In or Register to comment.