漏洞类别:Hardware
漏洞等级: 
漏洞信息
FortiGate is a Firewall/VPN appliance, manufactured by Fortinet, that runs on proprietary hardware. The operating system is FortiOS.
The vulnerability exists due to an improper parsing of cookie field in HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request designed to cause a buffer overflow.
Affected versions:
FortiGate (FOS) 4.3.8 and below
FortiGate (FOS) 4.2.12 and below
FortiGate (FOS) 4.1.10 and below
漏洞危害
An exploit could allow the attacker to execute arbitrary code, which could result in a complete system compromise.
解决方案
The vendor has released an updated version to resolve this issue. Refer to FG-IR-16-023 to obtain additional details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论