This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote host is affected by multiple vulnerabilities.
The remote host is running a version of Fortinet FortiOS that is 5.4.1
or later but prior to 5.4.4. It is, therefore, affected by the
following vulnerabilities :
- A security bypass vulnerability exists in the HTTP
evader tool due to improper handling of HTTP
content-encoding. An unauthenticated, remote attacker
can exploit this to bypass antivirus checks.
- A security bypass vulnerability exists in the DLP
component that allows an unauthenticated, remote
attacker to bypass the built-in file-type filter. Note
that this vulnerability only affects FortiOS version
5.4.3. (VulnDB 152267)
See also :
Upgrade to Fortinet FortiOS 5.4.4 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now