5916 matches found
Format string
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name...
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name...
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name...
CVE-2009-1262
Fortinet FortiClient 3.0.614 (and possibly earlier) contains a local format-string vulnerability in the handling of VPN connection names. The flaw allows a local user to read and write arbitrary memory with SYSTEM privileges by supplying crafted format specifiers, enabling code execution under SY...
Fortinet FortiClient VPN连接名称本地格式串漏洞
BUGTRAQ ID: 34343 FortiClient是新一代个人电脑安全防护平台,拥有防病毒、防火墙、VPN等强大的功能。 FortiClient的VPN功能中存在本地格式串漏洞。如果用户在VPN连接名称中指定了特制的格式串标识符并初始化了这个连接的话,就可以触发这个漏洞,导致以System权限级别读写任意内存。 FortiClient 3.0.614 Fortinet -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.fortinetfirewall.com/index.php...
Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability
Oracle Secure Backup NDMPCONECTCLIENTAUTH Command Buffer Overflow Vulnerability 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in Oracle Secure Backup Summary: ======== A Buffer Overflow vulnerability exists Oracle Secure Backup 10.2.0.2 through a...
Oracle Secure Backup Multiple Denial Of Service vulnerabilities
Oracle Secure Backup Multiple Denial Of Service vulnerabilities 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers multiple vulnerabilities in Oracle Secure Backup Summary: ======== Multiple Denial Of Service vulnerabilities exist Oracle Secure Backup 10.2.0.2 through...
Oracle Secure Backup's observiced.exe Denial Of Service vulnerability
Oracle Secure Backup's observiced.exe Denial Of Service vulnerability 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers a vulnerability in observiced.exe of Oracle Secure Backup Summary: ======== A Denial Of Service vulnerability exists Oracle Secure Backup 10.2.0.2...
CVE-2008-5531
Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...
Design/Logic Flaw
Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...
CVE-2008-5531
CVE-2008-5531 describes a family of bypasses where attackers manipulated an HTML document to defeat malware detection in IE6/IE7 by placing an MZ header (the “EXE info”) at the beginning and altering the displayed filename extension, e.g., no extension, .txt, or .jpg. The connected records indica...
CVE-2008-5531
Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header aka "EXE info" at the beginning, and modifying the filename to have 1 no extension, 2 a .txt extension, or 3 a .jpg extension, as...
[Full-disclosure] Adobe Flash CS3 Professional FLA File Parsing Multiple Local Code Execute Vulnerabilities
Adobe Flash CS3 Professional FLA File Parsing Multiple Local Code Execute Vulnerabilities by [email protected] http://ruder.cdut.net Summary: More than three local code execute vulnerabilities exist in Adobe Flash CS3 Professional while it is parsing FLA files. An attacker who...
CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request...
CVE-2008-0779
The CVE-2008-0779 entry describes a local privilege-escalation flaw in the fortimon.sys device driver of Fortinet FortiClient Host Security (versions up to 3.0 MR5 Patch 3 and earlier). The vulnerability arises from improper initialization of the Driver’s DeviceExtension, enabling a local user to...
Fortinet Forticlient privilege escalation
No description provided...
[Reversemode Advisory] February Advisories : Microsoft Word 2003 + Fortinet Forticlient
Hi ---------------------------- 1.Microsoft Word Memory Corruption Vulnerability Microsoft Word 2003 is prone to a memory corruption vulnerability while parsing a specially crafted Word file. The vulnerability is caused by calculation errors while parsing certain fields within the barely...
Fortinet Fortigate - CRLF Characters URL Filtering Bypass
source: https://www.securityfocus.com/bid/27276/info Fortinet Fortigate is prone to a vulnerability that can allow attackers to bypass the device's URL filtering. An attacker can exploit this issue to view unauthorized websites, bypassing certain security restrictions. This may lead to other...
Fortinet Fortigate - CRLF Characters URL Filtering Bypass
Fortinet Fortigate - CRLF Characters URL Filtering Bypass source: https://www.securityfocus.com/bid/27276/info Fortinet Fortigate is prone to a vulnerability that can allow attackers to bypass the device's URL filtering. An attacker can exploit this issue to view unauthorized websites, bypassing...
urlevasion.txt
I dont know if its new but i code it during a PentTest and i would like to share it with you. It is based on code developed By sinhack research labs: http://sinhack.net/URLFilteringEvasion/sakeru.tx Description: "Fortinet's URL blocking functionality can be bypassed by specially-crafted HTTP...