Date: 08 April 2009
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2009.0086 AUSCERT Advisory
[Win]
FortiClient: Execute Arbitrary Code/Commands
8 April 2009
- ---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product: FortiClient
Operating System: Windows
Impact: Execute Arbitrary Code/Commands
Access: Existing Account
CVE Names: CVE-2009-1262
Member content until: Wednesday, May 06 2009
OVERVIEW:
Update available for FortiClient Version 3.0.614 (earlier versions
may also be vulnerable)
IMPACT:
"Fortinet FortiClient is vulnerable to a format string vulnerability,
caused by the improper validation of input that is passed within the
VPN connection name. By sending a specially-crafted VPN connection
name containing malicious format string specifiers, a local attacker
could exploit this vulnerability to read and write arbitrary memory
with SYSTEM level privileges." [1]
MITIGATION:
"Upgrade to the latest version of FortiClient (3.0 MR7 Patch Release
6 or later), available from the Fortinet Web site." [2]
REFERENCES:
[1] Fortinet FortiClient VPN connection name format string
http://xforce.iss.net/xforce/xfdb/49633
[2] Fortinet Endpoint Security
http://www.fortinet.com/products/forticlient.html
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFJ3FBMNVH5XJJInbgRAhWaAJoCzkp3heLqAGNNcHyi/Q4+XxldUQCfbG2D
rB4tx7VjjCd9R6P1x2HikpI=
=0KPq
-----END PGP SIGNATURE-----
|