CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
98.9%
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
Vendor | Product | Version | CPE |
---|---|---|---|
fortinet | single_sign_on | 4.3 | cpe:2.3:a:fortinet:single_sign_on:4.3:*:*:*:*:*:*:* |
seclists.org/fulldisclosure/2015/Mar/111
www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow
www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow
www.fortiguard.com/advisory/FG-IR-15-006/
www.osvdb.org/119719
www.securityfocus.com/archive/1/534918/100/0/threaded
www.securityfocus.com/bid/73206
www.exploit-db.com/exploits/36422/