Fortinet FortiOS 5.0.x < 5.0.1 Multiple DoS

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by multiple denial of service
vulnerabilities.

Description :

The remote host is running a version of Fortinet FortiOS 5.0.x prior
to 5.0.1. It is, therefore, affected by multiple denial of service
vulnerabilities :

- A flaw exists related to the handling of SSH traffic. An
unauthenticated, remote attacker can exploit this to
crash the proxyworker service. (VulnDB 125025)

- A flaw exists in the WAD daemon that is triggered during
the handling of HTTP 0.9 traffic. An unauthenticated,
remote attacker can exploit this to crash the daemon.
(VulnDB 125026)

See also :

http://www.nessus.org/u?fb88f3db

Solution :

Upgrade to Fortinet FortiOS 5.0.1 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 85740 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now