Fortinet OpenSSL Information Disclosure (Heartbleed)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.

Synopsis :

The remote host is affected by an information disclosure

Description :

The firmware of the remote Fortinet host is running a version of
OpenSSL that is affected by a remote information disclosure,
commonly known as the 'Heartbleed' bug. A remote, unauthenticated,
attacker could potentially exploit this vulnerability to extract up to
64 kilobytes of memory per request from the device.

See also :

Solution :

Upgrade to a firmware version containing a fix for this
vulnerability as referenced in the vendor advisory.

Risk factor :

High / CVSS Base Score : 9.4
CVSS Temporal Score : 7.4
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 73669 ()

Bugtraq ID: 66690

CVE ID: CVE-2014-0160

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now