Fortinet FortiOS Denial Of Service / Man-In-The-Middle
Fortinet FortiOS Multiple Vulnerabilities. Affected Versions: Verified on FortiOS Firmware v5.0, build4457 GA Patch 7. PDF: ...
Fortinet FortiOS < 4.3.16 / 5.x < 5.0.8 Multiple Vulnerabilities (FG-IR-14-006)
The remote host is running FortiOS prior to 4.3.16 or 5.x prior to 5.0.8. It is, therefore, affected by the following vulnerabilities: - A flaw exists within the FortiManager service when handling incoming requests. Using a specially crafted request, a remote attacker can exploit this to cause a...
FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities
Overview: Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks (CWE-300) and a heap-based overflow vulnerability (CWE-122). Description: Fortinet FortiGate and FortiWiFi 4.00.6 and possibly earlier versions are susceptible to man-in-the-middle attacks (CWE-300) and a...
CVE-2014-0351
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the...
CVE-2014-0351
Fortinet FortiOS versions affected: FortiOS before 4.3.16 and 5.x before 5.0.8. The FortiManager protocol service accepts anonymous (unauthenticated) cipher suites, so an active man-in-the-middle can complete a TLS handshake without presenting a valid certificate and then read or tamper with the traffic. According to FG-IR-14-006, this vulnerability (CVE-2014-0351) can also impact FortiManager communication...
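The anonymous-ciphersuite weakness described in the CVE-2014-0351 entries above is checked by offering a server nothing but DH_anon / ECDH_anon suites and seeing whether it completes the handshake. The probe below is an added example written for this page, not Fortinet's code and not part of the advisory or of any scanner plugin listed here: it builds a TLS 1.2 ClientHello carrying only anonymous suites, parses the ServerHello, and reports which suite (if any) the server selected. The function names, the loopback simulated server used to exercise it offline, and the mention of TCP/541 in the usage line (the FGFM management port, an assumption of this example rather than a fact stated on this page) are all constructed for the example.

```python
"""Probe a TLS service for anonymous (DH_anon / ECDH_anon) ciphersuite acceptance."""
import os
import socket
import struct
import threading

# IANA ciphersuite IDs whose key exchange is unauthenticated (no server certificate).
ANON_SUITES = {
    0x0018: "TLS_DH_anon_WITH_RC4_128_MD5",
    0x001B: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
    0x0034: "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    0x003A: "TLS_DH_anon_WITH_AES_256_CBC_SHA",
    0x006C: "TLS_DH_anon_WITH_AES_128_CBC_SHA256",
    0x006D: "TLS_DH_anon_WITH_AES_256_CBC_SHA256",
    0x00A6: "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
    0x00A7: "TLS_DH_anon_WITH_AES_256_GCM_SHA384",
    0xC015: "TLS_ECDH_anon_WITH_NULL_SHA",
    0xC016: "TLS_ECDH_anon_WITH_RC4_128_SHA",
    0xC017: "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
    0xC018: "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
    0xC019: "TLS_ECDH_anon_WITH_AES_256_CBC_SHA",
}
ALERT_HANDSHAKE_FAILURE = b"\x15\x03\x03\x00\x02\x02\x28"  # fatal handshake_failure alert

def build_client_hello(suites=tuple(ANON_SUITES)):
    """TLS 1.2 ClientHello record offering only `suites` (default: the anonymous ones).
    A server that answers with a ServerHello selecting one of them has agreed to an
    unauthenticated key exchange, which is exactly what an active MITM needs."""
    cipher_bytes = b"".join(struct.pack("!H", s) for s in suites)
    groups = struct.pack("!HH", 0x0017, 0x0018)             # secp256r1, secp384r1
    ext_body = struct.pack("!H", len(groups)) + groups
    extensions = struct.pack("!HH", 0x000A, len(ext_body)) + ext_body  # supported_groups
    body = (b"\x03\x03" + os.urandom(32) + b"\x00"           # version, random, empty session id
            + struct.pack("!H", len(cipher_bytes)) + cipher_bytes
            + b"\x01\x00"                                     # compression methods: null only
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def make_server_hello(suite):
    """ServerHello record selecting `suite`; used here only to simulate a server's answer."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake

def parse_server_hello(record):
    """Ciphersuite ID chosen in a ServerHello record, or None for anything else (alert, EOF)."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x02:
        return None
    hs_len = int.from_bytes(record[6:9], "big")
    body = record[9:9 + hs_len]                  # version(2) random(32) sid_len(1) sid suite(2)
    if len(body) < 35:
        return None
    offset = 35 + body[34]                       # skip the session id
    if len(body) < offset + 2:
        return None
    return struct.unpack("!H", body[offset:offset + 2])[0]

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            return b""
        buf += chunk
    return buf

def read_record(sock):
    """One TLS record: 5-byte header plus body (empty bytes on EOF)."""
    header = _recv_exact(sock, 5)
    if not header:
        return b""
    return header + _recv_exact(sock, struct.unpack("!H", header[3:5])[0])

def probe(host, port, timeout=5.0):
    """Return (accepted, suite_name): accepted is True if the server picked an anonymous suite."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        suite = parse_server_hello(read_record(sock))
    return (suite in ANON_SUITES), ANON_SUITES.get(suite)

def simulate_server(response):
    """Loopback stand-in (constructed for this example) that answers any ClientHello with
    a canned record; returns the port it listens on."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        conn.recv(4096)                          # swallow the ClientHello
        conn.sendall(response)
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    import sys
    host, port = sys.argv[1], int(sys.argv[2])   # e.g. the FGFM listener on TCP/541 (assumed port)
    accepted, name = probe(host, port)
    print("anonymous suite accepted: %s" % name if accepted else "anonymous suites refused")
```

A fixed server answers the anonymous-only ClientHello with a handshake_failure alert (or just drops the connection), so `probe` returns `(False, None)`; any ServerHello that picks one of `ANON_SUITES` means the service will key-exchange with anyone who can sit on the path.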
CVE-2014-2216
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request...
CVE-2014-2216
The CVE-2014-2216 vulnerability affects Fortinet FortiOS FortiGate devices where the FortiManager protocol service (on FortiOS versions prior to 4.3.16 and prior to 5.0.8 in the 5.0 branch) can be triggered by a crafted request, enabling remote attackers to cause a denial of service and possibly ...
Fortinet FortiOS 5.x < 5.0.6 XSS
The remote host is running FortiOS prior to 5.0.6. It is, therefore, affected by a cross-site scripting vulnerability due to a failure to sanitize user-supplied input to the 'mkey' parameter in the '/firewall/schedule/recurrdlg' URL of the web UI. An attacker could potentially exploit this...
Fortinet FortiOS < 4.3.13 / 5.0.3 Multiple XSRF
The remote host is running FortiOS prior to 4.3.13 / 5.0.3. It is, therefore, affected by multiple cross-site request forgery vulnerabilities in web UI pages because they are not protected by XSRF tokens. An attacker could potentially exploit this vulnerability to hijack an authenticated user's...
Fortinet FortiOS 5.x < 5.0.3 Security Bypass
The remote host is running FortiOS 5.x prior to 5.0.3. It is, therefore, affected by a security bypass vulnerability due to a failure to properly manage the Guest user permission. An attacker could potentially exploit this vulnerability to view, change, or delete records of users from another...
Fortinet FortiOS User Interface Default Credentials
The remote Fortinet FortiOS user interface uses a known set of default credentials. Knowing these, an attacker with access to the service can gain administrative access to the device.
Fortinet OpenSSL Information Disclosure (Heartbleed)
The firmware of the remote Fortinet host is running a version of OpenSSL that is affected by a remote information disclosure, commonly known as the 'Heartbleed' bug. A remote, unauthenticated, attacker could potentially exploit this vulnerability to extract up to 64 kilobytes of memory per reques...
CVE-2013-7181
Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote attackers to inject arbitrary web script or HTML via the filter parameter...
CVE-2013-7182
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote attackers to inject arbitrary web script or HTML via the mkey parameter...
CVE-2013-7181
CVE-2013-7181 is a reflected XSS in Fortinet FortiOS 5.x (notably 5.0.3) via the filter parameter of /user/ldap_user/add. The root cause is inadequate input sanitization of the filter field, so the parameter value is echoed into the page unescaped and a crafted link executes arbitrary script in the browser of the user who follows it. Affected products include Fort...
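The XSS entries in this listing (CVE-2013-7181 on user/ldap_user/add via filter, CVE-2013-7182 on firewall/schedule/recurrdlg via mkey) name the endpoint and the reflected parameter, which is all that is needed to verify a fix: send a unique canary containing a quote and angle brackets and check whether it comes back unescaped. The script below is an added example written for this page, not Fortinet's or any scanner vendor's code. The base URL, the function names, and the assumption that the UI pages are fetched with an authenticated session cookie passed in the request headers are constructed for the example; the response bodies used to exercise the classifier offline are likewise constructed.

```python
"""Reflected-XSS check for one web UI query parameter (example: the FortiOS mkey / filter pages)."""
import html
import secrets
import urllib.parse
import urllib.request

def make_canary():
    """Unique marker containing the characters a script injection needs: a quote and angle brackets."""
    return 'zx"><zx%s>' % secrets.token_hex(4)

def classify_reflection(body, canary):
    """'raw' if the canary is echoed byte-for-byte (script-injectable context), 'escaped' if it
    was entity-encoded on the way out, 'absent' if the parameter is not reflected at all."""
    if canary in body:
        return "raw"
    if html.escape(canary, quote=True) in body or html.escape(canary, quote=False) in body:
        return "escaped"
    return "absent"

def build_probe_url(base, path, param, value, extra=None):
    """base + path with `param=value` (and any other parameters the page needs) URL-encoded."""
    query = dict(extra or {})
    query[param] = value
    return urllib.parse.urljoin(base, path) + "?" + urllib.parse.urlencode(query)

def probe(base, path, param, headers=None, extra=None, timeout=10):
    """Send one canary request and classify how the parameter is reflected.
    `headers` carries whatever the UI requires, e.g. {"Cookie": "<session cookie>"} (assumed)."""
    canary = make_canary()
    url = build_probe_url(base, path, param, canary, extra)
    req = urllib.request.Request(url, headers=headers or {})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        body = resp.read().decode(resp.headers.get_content_charset() or "utf-8", "replace")
    return classify_reflection(body, canary)

# The two FortiOS endpoints and parameters named in the listing above.
TARGETS = [
    ("/firewall/schedule/recurrdlg", "mkey"),    # CVE-2013-7182
    ("/user/ldap_user/add", "filter"),           # CVE-2013-7181
]

if __name__ == "__main__":
    import sys
    base = sys.argv[1]                                      # e.g. https://fortigate.example/ (assumed)
    cookie = {"Cookie": sys.argv[2]} if len(sys.argv) > 2 else None
    for path, param in TARGETS:
        print(path, param, probe(base, path, param, headers=cookie))
```

A result of "raw" means the page writes the parameter into HTML without encoding and the XSS is present; "escaped" is what a patched build should return. Because each run uses a fresh random canary, a cached or static page cannot produce a false "raw".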