Fortinet FortiOS (Mac OS X) < 5.6.11, 6.0.x < 6.0.5 SSL VPN Heap Buffer Overflow (FG-IR-18-388)
Medium Nessus Plugin ID 125893
SynopsisThe remote Mac OS X host is affected by a heap buffer overflow condition.
An unauthenticated, remote attacker can exploit this, by convincing a user to visit a specifically crafted proxy-ed webpage, to cause a denial of service condition.
SolutionUpgrade to Fortinet FortiOS version to 5.6.11, 6.0.5, 6.2.0 or later. Alternatively, apply one of the workarounds outlined in the linked advisory