The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of FGT

computer vulnerability alert CVE-2015-5738

RSA: private key computation via CRT

Synthesis of the vulnerability

An attacker can exchange with an application not implementing the RSA-CRT protection, in order to progressively guess the private key.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS, Java OpenJDK, openSUSE, Java Oracle, JavaFX, SSL protocol, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Creation date: 08/09/2015.
Identifiers: cpuapr2015, CVE-2015-5738, openSUSE-SU-2015:1596-1, RSA-CRT, VIGILANCE-VUL-17836.

Description of the vulnerability

An implementation of the RSA algorithm can use the CRT (Chinese Remainder Theorem) optimization, so computations are faster. However, the RSA-CRT signature is affected by a side-channel attack, known since 1996 (Arjen Lenstra). OpenSSL and NSS are for example protected.

The GnuPG software is protected, but the Libgcrypt library is not. An attacker can therefore exchange with an application linked to Libgcrypt, to trigger a series of error and attack RSA-CRT, in order to progressively guess the private key.

The TLS protocol can use the Perfect Forward Secrecy. In this case, a RSA signature is used. However, several implementations, such as OpenJDK or JRE, do not have the RSA-CRT protection. An attacker can therefore exchange with a TLS server with the Perfect Forward Secrecy enabled, to trigger a series of error and attack RSA-CRT, in order to progressively guess the private key.

An attacker can therefore exchange with an application not implementing the RSA-CRT protection, in order to progressively guess the private key.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2015-5965

FortiOS: Man-in-the-Middle of SSL-VPN

Synthesis of the vulnerability

An attacker can perform a Man-in-the-Middle on FortiOS, in order to read or alter TLS session data.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 1/4.
Creation date: 12/08/2015.
Identifiers: CVE-2015-5965, FG-IR-15-016, VIGILANCE-VUL-17651.

Description of the vulnerability

The SSL-VPN feature of the FortiOS product uses the TLS protocol.

However, only the first byte of the MAC of the TLS Handshake Finished Message is checked.

An attacker can therefore perform a Man-in-the-Middle on FortiOS, in order to read or alter TLS session data.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2015-3626

FortiOS: Cross Site Scripting of DHCP Monitor WebUI

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in DHCP Monitor WebUI of FortiOS, in order to run JavaScript code in the context of the web site.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Creation date: 30/07/2015.
Identifiers: CVE-2015-3626, VIGILANCE-VUL-17536.

Description of the vulnerability

The FortiOS product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in DHCP Monitor WebUI of FortiOS, in order to run JavaScript code in the context of the web site.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability announce CVE-2015-2323

FortiOS: Man-in-the-Middle of TLS

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle between FortiOS and FortiGuard, in order to read or alter TLS sessions.
Impacted products: FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiClient, FortiGate, FortiGate Virtual Appliance, FortiManager, FortiManager Virtual Appliance, FortiOS.
Severity: 2/4.
Creation date: 29/07/2015.
Identifiers: CVE-2015-2323, FG-IR-15-021, VIGILANCE-VUL-17527.

Description of the vulnerability

The FortiOS product can connect to FortiGuard servers using a TLS session.

However, the TLS client of FortiOS accepts weak algorithms (anonymous, export and RC4).

An attacker can therefore act as a Man-in-the-Middle between FortiOS and FortiGuard, in order to read or alter TLS sessions.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert 17526

FortiOS: command execution via HA/ZebOS

Synthesis of the vulnerability

An attacker can access to ZebOS of FortiOS in HA mode, in order to run commands.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Creation date: 29/07/2015.
Identifiers: BID-76044, FG-IR-15-020, VIGILANCE-VUL-17526.

Description of the vulnerability

The FortiOS product can be configured in HA (High Availability) mode, with the management interface enabled (ha-mgmt-status and ha-mgmt-interface).

However, in this configuration, an attacker can connect without authentication the ZebOS shell.

An attacker can therefore access to ZebOS of FortiOS in HA mode, in order to run commands.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2014-8616 CVE-2015-1880

Fortinet FortiOS: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Fortinet FortiOS.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Creation date: 05/05/2015.
Identifiers: CVE-2014-8616, CVE-2015-1880, FG-IR-15-005, VIGILANCE-VUL-16814.

Description of the vulnerability

Several vulnerabilities were announced in Fortinet FortiOS.

An attacker can trigger a Cross Site Scripting in Sslvpn Login Page, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2015-1880]

An attacker can trigger a Cross Site Scripting in User Group, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-8616]

An attacker can trigger a Cross Site Scripting in Vpn Template Menu, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-8616]
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2015-0138 CVE-2015-0204

OpenSSL, LibReSSL, Mono, JSSE: weakening TLS encryption via FREAK

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can force the Chrome, JSSE, LibReSSL, Mono or OpenSSL client to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Impacted products: Arkoon FAST360, ArubaOS, Avaya Ethernet Routing Switch, ProxyAV, ProxySG, SGOS, FabricOS, Brocade Network Advisor, Cisco ATA, AnyConnect VPN Client, Cisco ACE, ASA, AsyncOS, Cisco ESA, IOS by Cisco, IronPort Email, IronPort Web, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Prime Network Control Systems, Cisco PRSM, Cisco Router, Cisco IP Phone, Cisco MeetingPlace, Cisco WSA, Clearswift Email Gateway, Debian, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FortiClient, FortiGate, FortiGate Virtual Appliance, FortiOS, FreeBSD, Chrome, HPE NNMi, HP-UX, AIX, DB2 UDB, IRAD, Security Directory Server, Tivoli Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere AS, WebSphere MQ, Juniper J-Series, JUNOS, Junos Space, Junos Space Network Management Platform, NSM Central Manager, NSMXpress, Juniper SBR, Domino, Notes, MBS, McAfee Email Gateway, ePO, McAfee NTBA, McAfee NGFW, VirusScan, McAfee Web Gateway, Windows (platform) ~ not comprehensive, Data ONTAP, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, Java OpenJDK, OpenSSL, openSUSE, openSUSE Leap, Java Oracle, Solaris, pfSense, Puppet, RHEL, Base SAS Software, SAS SAS/CONNECT, Slackware, Sophos AV, Splunk Enterprise, Stonesoft NGFW/VPN, stunnel, SUSE Linux Enterprise Desktop, SLES, Ubuntu, Unix (platform) ~ not comprehensive.
Severity: 2/4.
Creation date: 04/03/2015.
Revision date: 09/03/2015.
Identifiers: 122007, 1450666, 1610582, 1647054, 1698613, 1699051, 1699810, 1700225, 1700997, 1701485, 1902260, 1903541, 1963275, 1968485, 1973383, 55767, 7014463, 7022958, 9010028, ARUBA-PSA-2015-003, bulletinjan2015, c04556853, c04679334, c04773241, CERTFR-2015-AVI-108, CERTFR-2015-AVI-117, CERTFR-2015-AVI-146, CERTFR-2016-AVI-303, cisco-sa-20150310-ssl, CTX216642, CVE-2015-0138, CVE-2015-0204, DSA-3125-1, FEDORA-2015-0512, FEDORA-2015-0601, FG-IR-15-007, FREAK, FreeBSD-SA-15:01.openssl, HPSBMU03345, HPSBUX03244, HPSBUX03334, JSA10679, MDVSA-2015:019, MDVSA-2015:062, MDVSA-2015:063, NetBSD-SA2015-006, NetBSD-SA2015-007, NTAP-20150205-0001, openSUSE-SU-2015:0130-1, openSUSE-SU-2016:0640-1, RHSA-2015:0066-01, RHSA-2015:0800-01, RHSA-2015:1020-01, RHSA-2015:1021-01, RHSA-2015:1091-01, SA40015, SA88, SA91, SB10108, SB10110, SOL16120, SOL16123, SOL16124, SOL16126, SOL16135, SOL16136, SOL16139, SP-CAAANXD, SPL-95203, SPL-95206, SSA:2015-009-01, SSRT101885, SSRT102000, SUSE-SU-2015:1073-1, SUSE-SU-2015:1085-1, SUSE-SU-2015:1086-1, SUSE-SU-2015:1086-2, SUSE-SU-2015:1086-3, SUSE-SU-2015:1086-4, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, T1022075, USN-2459-1, VIGILANCE-VUL-16301, VN-2015-003_FREAK, VU#243585.

Description of the vulnerability

The TLS protocol uses a series of messages which have to be exchanged between the client and the server, before establishing a secured session.

Several cryptographic algorithms can be negotiated, such as algorithms allowed for USA export (less than 512 bits).

An attacker, located as a Man-in-the-Middle, can inject during the session initialization a message choosing an export algorithm. This message should generate an error, however some TLS clients accept it.

Note: the variant related to Windows is described in VIGILANCE-VUL-16332.

An attacker, located as a Man-in-the-Middle, can therefore force the Chrome, JSSE, LibReSSL, Mono or OpenSSL client to accept a weak export algorithm, in order to more easily capture or alter exchanged data.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability alert CVE-2015-1451 CVE-2015-1452 CVE-2015-1571

Fortinet FortiOS: multiple vulnerabilities of CAPWAP

Synthesis of the vulnerability

An attacker can use several vulnerabilities of CAPWAP of Fortinet FortiOS.
Impacted products: FortiGate, FortiGate Virtual Appliance, FortiOS.
Severity: 2/4.
Creation date: 29/01/2015.
Identifiers: CVE-2015-1451, CVE-2015-1452, CVE-2015-1571, FG-IR-15-002, VIGILANCE-VUL-16081.

Description of the vulnerability

Several vulnerabilities were announced in Fortinet FortiOS CAPWAP (Control And Provisioning of Wireless Access Points).

An attacker can send numerous DTLS ClientHello packets, in order to trigger a denial of service. [severity:2/4; CVE-2015-1452]

Key used for DTLS are constant, so an attacker can act as a Man-In-The-Middle. However, Fortinet disputes this vulnerability. [severity:1/4; CVE-2015-1571]

An attacker can trigger a Cross Site Scripting with a CAPWAP Join packet, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2015-1451]
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2014-8730 CVE-2015-2774

Check Point, Cisco, IBM, F5, FortiOS: information disclosure via POODLE on TLS

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can decrypt a Terminating TLS session, in order to obtain sensitive information.
Impacted products: GAiA, CheckPoint IP Appliance, IPSO, CheckPoint Power-1 Appliance, SecurePlatform, CheckPoint Security Appliance, CheckPoint Smart-1, CheckPoint VSX-1, Cisco ACE, ASA, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiOS, DB2 UDB, Informix Server, Tivoli Directory Server, Domino, openSUSE, Solaris, Palo Alto Firewall PA***, PAN-OS.
Severity: 3/4.
Creation date: 09/12/2014.
Revision date: 17/12/2014.
Identifiers: 1450666, 1610582, 1647054, 1692906, 1693052, 1693142, CERTFR-2014-AVI-533, CSCus08101, CSCus09311, CVE-2014-8730, CVE-2015-2774, FEDORA-2015-12923, FEDORA-2015-12970, openSUSE-SU-2016:0523-1, sk103683, SOL15882, VIGILANCE-VUL-15756.

Description of the vulnerability

The VIGILANCE-VUL-15485 (POODLE) vulnerability originates from an incorrect management of SSLv3 padding.

The F5 BIG-IP product can be configured to "terminate" SSL/TLS sessions. However, even when TLS is used, this BIG-IP feature uses the SSLv3 function to manage the padding. TLS sessions are thus also vulnerable to POODLE.

The same vulnerability also impacts Check Point, Cisco, IBM and Fortinet products.

An attacker, located as a Man-in-the-Middle, can therefore decrypt a Terminating TLS session, in order to obtain sensitive information.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability CVE-2014-3566

SSL 3.0: decrypting session, POODLE

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can decrypt a SSL 3.0 session, in order to obtain sensitive information.
Impacted products: SES, SNS, Apache httpd, Arkoon FAST360, ArubaOS, Asterisk Open Source, BES, ProxyAV, ProxySG, SGOS, GAiA, CheckPoint IP Appliance, IPSO, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Cisco ASR, Cisco ACE, ASA, AsyncOS, Cisco CSS, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, IronPort Email, Nexus by Cisco, NX-OS, Prime Infrastructure, Cisco PRSM, Cisco Router, WebNS, Clearswift Email Gateway, Clearswift Web Gateway, CUPS, Debian, Black Diamond, ExtremeXOS, Ridgeline, Summit, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiManager, FortiManager Virtual Appliance, FortiOS, FreeBSD, F-Secure AV, HPE BSM, HP Data Protector, HPE NNMi, HP Operations, ProCurve Switch, SiteScope, HP Switch, TippingPoint IPS, HP-UX, AIX, Security Directory Server, SPSS Data Collection, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS, WebSphere MQ, WS_FTP Server, IVE OS, Juniper J-Series, JUNOS, Junos Space, Junos Space Network Management Platform, MAG Series Juniper, NSM Central Manager, NSMXpress, Juniper SA, Domino, Notes, MBS, McAfee Email and Web Security, McAfee Email Gateway, ePO, VirusScan, McAfee Web Gateway, IE, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, Windows Vista, NETASQ, NetBSD, NetIQ Sentinel, NetScreen Firewall, ScreenOS, nginx, OpenSSL, openSUSE, openSUSE Leap, Solaris, Palo Alto Firewall PA***, PAN-OS, Polycom CMA, HDX, RealPresence Collaboration Server, RealPresence Distributed Media Application, Polycom VBP, Postfix, SSL protocol, Puppet, RHEL, Red Hat JBoss EAP, RSA Authentication Manager, ROS, ROX, RuggedSwitch, Slackware, Spectracom SecureSync, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, vCenter, VMware vSphere, VMware vSphere Hypervisor, Wind River Linux.
Severity: 3/4.
Creation date: 15/10/2014.
Identifiers: 10923, 1589583, 1595265, 1653364, 1657963, 1663874, 1687167, 1687173, 1687433, 1687604, 1687611, 1690160, 1690185, 1690342, 1691140, 1692551, 1695392, 1696383, 1699051, 1700706, 2977292, 3009008, 7036319, aid-10142014, AST-2014-011, bulletinapr2015, bulletinjan2015, bulletinjan2016, bulletinjul2015, bulletinjul2016, bulletinoct2015, c04486577, c04487990, c04492722, c04497114, c04506802, c04510230, c04567918, c04616259, c04626982, c04676133, c04776510, CERTFR-2014-ALE-007, CERTFR-2014-AVI-454, CERTFR-2014-AVI-509, CERTFR-2015-AVI-169, CERTFR-2016-AVI-303, cisco-sa-20141015-poodle, CTX216642, CVE-2014-3566, DSA-3053-1, DSA-3253-1, DSA-3489-1, ESA-2014-178, ESA-2015-098, ESXi500-201502001, ESXi500-201502101-SG, ESXi510-201503001, ESXi510-201503001-SG, ESXi510-201503101-SG, ESXi550-201501001, ESXi550-201501101-SG, FEDORA-2014-12989, FEDORA-2014-12991, FEDORA-2014-13012, FEDORA-2014-13017, FEDORA-2014-13040, FEDORA-2014-13069, FEDORA-2014-13070, FEDORA-2014-13444, FEDORA-2014-13451, FEDORA-2014-13764, FEDORA-2014-13777, FEDORA-2014-13781, FEDORA-2014-13794, FEDORA-2014-14234, FEDORA-2014-14237, FEDORA-2014-15379, FEDORA-2014-15390, FEDORA-2014-15411, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2015-9090, FEDORA-2015-9110, FreeBSD-SA-14:23.openssl, FSC-2014-8, HPSBGN03256, HPSBGN03305, HPSBGN03332, HPSBHF03156, HPSBHF03300, HPSBMU03152, HPSBMU03184, HPSBMU03213, HPSBMU03416, HPSBUX03162, HPSBUX03194, JSA10656, MDVSA-2014:203, MDVSA-2014:218, MDVSA-2015:062, NetBSD-SA2014-015, nettcp_advisory, openSUSE-SU-2014:1331-1, openSUSE-SU-2014:1384-1, openSUSE-SU-2014:1395-1, openSUSE-SU-2014:1426-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:1586-1, PAN-SA-2014-0005, POODLE, RHSA-2014:1652-01, RHSA-2014:1653-01, RHSA-2014:1692-01, RHSA-2014:1920-01, RHSA-2014:1948-01, RHSA-2015:0010-01, RHSA-2015:0011-01, RHSA-2015:0012-01, RHSA-2015:1545-01, RHSA-2015:1546-01, SA83, SB10090, SB10104, sk102989, SOL15702, SP-CAAANKE, SP-CAAANST, SPL-91947, SPL-91948, SSA:2014-288-01, SSA-396873, SSA-472334, SSRT101767, STORM-2014-02-FR, SUSE-SU-2014:1357-1, SUSE-SU-2014:1361-1, SUSE-SU-2014:1386-1, SUSE-SU-2014:1387-1, SUSE-SU-2014:1387-2, SUSE-SU-2014:1409-1, SUSE-SU-2015:0010-1, SUSE-SU-2016:1457-1, SUSE-SU-2016:1459-1, T1021439, TSB16540, USN-2839-1, VIGILANCE-VUL-15485, VMSA-2015-0001, VMSA-2015-0001.1, VMSA-2015-0001.2, VN-2014-003, VU#577193.

Description of the vulnerability

An SSL/TLS session can be established using several protocols:
 - SSL 2.0 (obsolete)
 - SSL 3.0
 - TLS 1.0
 - TLS 1.1
 - TLS 1.2

An attacker can downgrade the version to SSLv3. However, with SSL 3.0, an attacker can change the padding position with a CBC encryption, in order to progressively guess clear text fragments.

This vulnerability is named POODLE (Padding Oracle On Downgraded Legacy Encryption).

An attacker, located as a Man-in-the-Middle, can therefore decrypt a SSL 3.0 session, in order to obtain sensitive information.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about FGT: