|
|
Foreword
The FortiGuard Global Threat Research Team has released new security content to cover multiple vulnerabilities. The FortiGuard Team has observed 14 active exploitations of these vulnerabilities to date.
For more information, visit the FortiGuard Center at www.fortiguardcenter.com.
Threat Remediation
Fortinet provides coverage for the vulnerabilities described below as of the 2.811 IPS Definitions database update. A brief description of each vulnerability is provided as follows, in order of severity.
Critical ( 14 )
| Adobe.Shockwave.Player.3D.Parsing.Memory.Corruption Event ID: 22990 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file that includes an overly large integer field. It can be exploited via a crafted ".dir" file, leading to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh Reference IDs: |
| Adobe.Shockwave.Player.Dir.Invalid.Value.Code.Execution Event ID: 22991 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt against a code-execution vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles an invalid value in a .dir file. It allows a remote attacker to execute code via sending a crafted .dir file. Affected Products: Shockwave Player version 11.5.6.606 Reference IDs: |
| Adobe.Shockwave.Player.Dir.Tag.Invalid.Value.Code.Execution Event ID: 22994 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a malicious tag length value. It allows a remote attacker to execute arbitrary code via sending a crafted .dir file. Affected Products: Shockwave Player version 11.5.6.606 Reference IDs: |
| Adobe.Shockwave.Player.Offset.Underflow.Memory.Corruption Event ID: 22992 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file that includes an overly large index value. It can be exploited via a crafted ".dir" file, leading to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh Reference IDs: |
| Apple.Safari.CSS.format.Argument.Handling.Memory.Corruption Event ID: 22913 |
Release Date: May 18, 2010 IPS Definitions DB Version: 2.810 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Apple Safari. The vulnerability is caused by an error when the vulnerable software handles a specially crafted web page. It allows a remote attacker to execute arbitrary code. Affected Products: Apple Safari 4.0.4 for Windows Apple Safari 4.0.4 Apple Safari 4.0.3 for Windows Apple Safari 4.0.3 Apple Safari 4.0.2 for Windows Apple Safari 4.0.2 Apple Safari 4.0.1 Apple Safari 4 for Windows Apple Safari 4 Beta Apple Safari 4 Reference IDs: |
| Cisco.Secure.Desktop.CSDWebInstaller.ActiveX.Control.Access Event ID: 20924 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt to exploit a code-execution vulnerability in Cisco Secure Desktop. The vulnerability is caused by the lack of signature checking of the downloaded executable being installed in the Secure Desktop Web Install ActiveX control. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Affected Products: Cisco Secure Desktop versions prior to 3.5.841 Reference IDs: |
| Mozilla.Firefox.Cross.Document.DOM.Node.Moving.Code.Execution Event ID: 20868 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt to exploit a code execution vulnerability in Mozilla Firefox. The vulnerability is caused by an error when the vulnerable software handles javascript codes with malcious DOM nodes. It allows a remote attacker to execute arbitrary code via sending a crafted web page. Affected Products: Firefox 3.6.2 and the prior Reference IDs: |
| MS.Windows.Mail.Client.Integer.Overflow Event ID: 22957 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates a possible attack against an integer-overflow vulnerability in Windows Live Mail and Outlook Express which if well exploited could lead to arbitrary remote code execution. Affected Products: Microsoft Outlook Express 5.5 Service Pack 2 Microsoft Outlook Express 6 Service Pack 1 Windows Mail and Windows Live Mail on all Microsoft Windows Platforms Reference IDs: |
| MS.Windows.VBE6.DLL.Stack.Memory.Corruption Event ID: 22937 |
Release Date: May 12, 2010 IPS Definitions DB Version: 2.807 |
|
Description: This indicates an attack attempt against a stack-based memory-corruption vulnerability in Microsoft Windows. The vulnerability is caused by an error when VBE6.DLL is referenced by a malformed Office document. It may allow remote attackers to execute arbitrary code by sending a specially crafted Office document. Affected Products: Microsoft Office XP Service Pack 3 Microsoft Office 2003 Service Pack 3 2007 Microsoft Office System Service Pack 1 and 2007 Microsoft Office System Service Pack 2 Microsoft Visual Basic for Applications Microsoft Visual Basic for Applications SDK Reference IDs: |
| Oracle.DBMS.Cdc.Publish.SQL.Injection Event ID: 22220 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates a possible attack against an SQL-injection vulnerability in multiple products by Oracle. The vulnerability is caused by improper sanitation of user input data which could lead to injection of arbitrary SQL code. Affected Products: Oracle Database 11g, versions 11.1.0.7 and 11.2.0.1 Oracle Database 10g Release 2, versions 10.2.0.3 and 10.2.0.4 Oracle Database 10g, version 10.1.0.5 Oracle Database 9i Release 2, versions 9.2.0.8 and 9.2.0.8DV Oracle Application Server 10gR2, version 10.1.2.3.0 Oracle Identity Management 10g, version 10.1.4.0.1 and 10.1.4.3 Oracle Collaboration Suite 10g, version 10.1.2.4 Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2 Oracle E-Business Suite Release 11i, versions 11.5.10 and 11.5.10.2 Oracle Transportation Manager, versions 5.5.05.07, 5.5.06.00, and 6.0.03 Oracle Agile - Engineering Data Management, version 6.1.1.0 PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50 Oracle Communications Unified Inventory Management version 7.1 Oracle Clinical Remote Data Capture Option versions 4.5.3 and 4.6 Oracle Thesaurus Management System versions 4.5.2, 4.6 and 4.6.1 Oracle Retail Markdown Optimization version 13.1 Oracle Retail Place In-Season version 12.2 Oracle Retail Plan In-Season version 12.2 Oracle Sun Products Suite Reference IDs: |
| Realnetworks.Helix.Server.NTLM.Authentication.Code.Execution Event ID: 22230 |
Release Date: May 18, 2010 IPS Definitions DB Version: 2.810 |
|
Description: This indicates an attack attempt to exploit a code-execution vulnerability in Realnetworks Helix Server. The vulnerability is caused by improper bounds checking in the NTLM authentication function. By sending a specially crafted HTTP request, a remote attacker could execute arbitrary code on a vulnerable system. Affected Products: RealNetworks Helix Server version 11.x, 12.x, and 13.x Reference IDs: |
| Sun.Directory.Server.Enterprise.ASN.1.Parsing.Code.Execution Event ID: 20933 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a code-execution vulnerability in Sun Microsystems Directory Server. The vulnerability is caused by an error when the vulnerable software handles a malformed LDAP query. It allows a remote attacker to execute arbitrary code via sending a crafted LDAP query from the client. Affected Products: Sun Java System Directory Server 5.2, 6.0, 6.1, 6.2, 6.3, 6.3.1 Reference IDs: |
| Sun.Java.Runtime.Environment.XNewPtr.Code.Execution Event ID: 20856 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates a possible attack against an integer-overflow vulnerability in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27. The vulnerability is caused by improper handling of an integer parameter when allocating heap memory which may lead to arbitrary code execution. Affected Products: Oracle Java SE Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 Reference IDs: |
| Sun.Java.Runtime.RMIConnectionImpl.Code.Execution Event ID: 20855 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a priviledge escalation vulnerability in Sun Java Runtime Environment which fails to check the privilege during deserialization of RMIConnectionImpl objects. Affected Products: Oracle Java SE Java for Business 6 Update 18 and 5.0 Update 23 Reference IDs: |
High ( 17 )
| Adobe.Shockware.Player.Parsing.Dir.File.Buffer.Overflow Event ID: 22995 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a malicious .dir file. It allows a remote attacker to execute arbitrary code via sending a crafted .dir file. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| Adobe.Shockware.Player.Parsing.Dir.File.Memory.Corruption Event ID: 22993 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles an invalid value in a .dir file. It allows a remote attacker to execute code via sending a crafted .dir file. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| Adobe.Shockwave.Player.Dir.File.Boundary.Error Event ID: 22989 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by improper boundary checking when the vulnerable software handles a malicious "DIR" file. It can be exploited via a crafted ".dir" file, which may lead to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh Reference IDs: |
| Adobe.Shockwave.Player.Dir.File.Integer.Overflow Event ID: 22996 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file that includes an overly large index value. It can be exploited via a crafted ".dir" file, leading to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh Reference IDs: |
| Adobe.Shockwave.Player.Dir.File.Memory.Corruption Event ID: 22998 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file that includes an invalid integer value. It can be exploited via a crafted ".dir" file, leading to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh Reference IDs: |
| Adobe.Shockwave.Player.Dir.File.Signedness.Error Event ID: 22997 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by a signedness error when the vulnerable software handles a malicious "DIR" file. It can be exploited via a crafted ".dir" file, leading to remote code execution. Affected Products: Adobe Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-004-Adobe Event ID: 22925 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt to exploit a remote code-execution vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with a malformed DEMX tag. It can lead to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-006-Adobe Event ID: 22924 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt to exploit a remote code-execution vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with an overly large length field. It can lead to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-007-Adobe Event ID: 22927 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a buffer-overflow vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with an invalid value. It could lead to arbitrary code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-008-Adobe Event ID: 22928 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with an invalid value. It could lead to arbitrary code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-009-Adobe Event ID: 22930 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with an invalid value. It could lead to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-011-Adobe Event ID: 22931 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file with an invalid value. It could lead to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions Reference IDs: |
| FG-VD-10-013-Adobe Event ID: 22926 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a malicious tag length value. It allows a remote attacker to execute arbitrary code via sending a crafted .dir file. Affected Products: Shockwave Player version 11.5.6.606 Reference IDs: |
| Maple.Maplet.File.Creation.Command.Execution Event ID: 22912 |
Release Date: May 18, 2010 IPS Definitions DB Version: 2.810 |
|
Description: This indicates a possible attack against a priviledge-abuse vulnerability in Maple. The vulnerability is in the Maple Maplet File Creation and Command Execution module, which allows code in a .maplet file to be executed without user interaction. An attacker may exploit this to execute arbitrary code by enticing the victim to open a specially modified .maplet file with Maple. Affected Products: All versions up to 13 |
| MS.Visio.DXF.File.Buffer.Overflow Event ID: 22176 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attempt to exploit a buffer-overflow vulnerability in Microsoft Visio. The vulnerability is caused by an error that occurs in visiodwg.dll while processing malformed DXF files. It allows remote attackers to execute arbitrary code via a crafted DXF file. Affected Products: Microsoft Visio 2002 SP2 Reference IDs: |
| Sun.Directory.Server.DSML.Over.HTTP.Username.Search.DoS Event ID: 20926 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt to exploit a denial of service vulnerability in Sun Directory Server. The vulnerability is caused by an error when the vulnerable software handles a malformed DSML-over-HTTP packet. It allows a remote attacker to execute arbitrary code via sending a crafted DSML-over-HTTP request from the client. Affected Products: Sun Java System Directory Server 5.2, 6.0, 6.1, 6.2, 6.3, 6.3.1 Reference IDs: |
| Sun.Directory.Server.Enterprise.DSML.UTF8.DoS Event ID: 20935 |
Release Date: May 11, 2010 IPS Definitions DB Version: 2.806 |
|
Description: This indicates an attack attempt against a denial-of-service vulnerability in Sun Directory Server Enterprise. The vulnerability is caused by an error when the vulnerable software handles malicious XML content. It allows a remote attacker to crash the service via sending a crafted HTTP request. Affected Products: Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 Reference IDs: |
Medium ( 2 )
| Adobe.ColdFusion.logintowizard.cfm.XSS Event ID: 22987 |
Release Date: May 13, 2010 IPS Definitions DB Version: 2.808 |
|
Description: This indicates an attack attempt against a cross-site scripting vulnerability in Adobe ColdFusion. The vulnerability exists in the ColdFusion Administrator page. An attacker may exploit this to execute arbitrary code. Affected Products: ColdFusion 8.0, 8.0.1, 9.0 and earlier versions Reference IDs: |
| Adobe.Shockwave.Player.Dir.File.ATOM.Size.DoS Event ID: 22999 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates an attack attempt to exploit a memory-corruption vulnerability in Adobe Shockwave Player. The vulnerability is caused by an error when the vulnerable software handles a "DIR" file that includes a malformed file header. It can be exploited via a crafted ".dir" file, leading to remote code execution. Affected Products: Shockwave Player 11.5.6.606 and earlier versions for Windows and Macintosh Reference IDs: |
Low ( 7 )
| FTP.Brute.Force.Login Event ID: 22909 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates a multiple FTP login failure sent by an FTP server to the same FTP client occurring in a short period of time. It indicates that an attacker is attempting a brute force login on the FTP server. Affected Products: All FTP servers |
| HTTP.Brute.Force.Authentication Event ID: 20949 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates a multiple HTTP authentication failure occurring in a short period of time. It indicates that an attacker is attempting a brute force attack on a web server. Affected Products: Any web server requiring authentication to access |
| IMAP.Brute.Force.Login Event ID: 20946 |
Release Date: May 19, 2010 IPS Definitions DB Version: 2.811 |
|
Description: This indicates a multiple IMAP logon failure for the same IP address occurring in a short period of time. It indicates that an attacker is attempting a brute force attack on an IMAP server. Affected Products: All IMAP servers |
| MySQL.Brute.Force.Login Event ID: 20954 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates a multiple MySQL server login failure occurring in a short period of time. It indicates that an attacker is attempting a brute force guessing of the username and password against a MySQL server. Affected Products: Any MySQL server |
| Oracle.Brute.Force.Login Event ID: 21050 |
Release Date: May 19, 2010 IPS Definitions DB Version: 2.811 |
|
Description: This indicates a multiple Oracle login failure for the same IP address occurring in a short period of time. It indicates that an attacker is attempting a brute force username/password guessing on an Oracle server. Affected Products: Any Oracle Server |
| POP3.Brute.Force.Login Event ID: 20945 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates a multiple POP3 logon attempt occurring in a short period of time. It indicates that an attacker is attempting a brute force attack on a compromised system. Affected Products: All POP3 servers |
| Telnet.Brute.Force.Login Event ID: 20940 |
Release Date: May 14, 2010 IPS Definitions DB Version: 2.809 |
|
Description: This indicates a multiple telnet logon failure occurring in a short period of time. It indicates that an attacker is attempting a brute force attack on a telnet server. Affected Products: All telnet servers |
Top of Section
Enhanced Coverage
The FortiGuard Threat Research team updates security content as new vectors of exploitation are discovered. The table below details the security content enhanced with this release.
Critical ( 2 )
| Event Name | Revision Notes |
|---|---|
| Java.Deployment.Toolkit.Launch.Method.Access | Detection Enhanced |
| MS.IE.Userdata.Behavior.Code.Execution | Detection Enhanced |
High ( 10 )
| Event Name | Revision Notes |
|---|---|
| Adobe.Shockwave.Player.Dir.File.DEMX.Tag.Memory.Corruption | Previous name: "FG-VD-10-004-Adobe" |
| Adobe.Shockwave.Player.Dir.File.Handling.Memory.Corruption | Previous name: "FG-VD-10-008-Adobe" |
| Adobe.Shockwave.Player.Dir.File.Length.Field.Memory.Corruption | Previous name: "FG-VD-10-006-Adobe" |
| Adobe.Shockwave.Player.Dir.File.Parsing.Access.Violation | Previous name: "FG-VD-10-009-Adobe" |
| Adobe.Shockwave.Player.Dir.File.Parsing.Heap.Exhaustion | Previous name: "FG-VD-10-007-Adobe" |
| Adobe.Shockwave.Player.Dir.Invalid.Length.Code.Execution | Previous name: "FG-VD-10-013-Adobe" |
| Adobe.Shockwave.Player.IML32.Dll.Memory.Corruption | Previous name: "FG-VD-10-011-Adobe" |
| FTP.Command.RMD.Overflow | Previous name: "Overflow.RMD" |
| NNTP.XHDR.Range.Overflow | Severity updated to 'high' |
| Symantec.Alert.Management.Code.Execution | Detection Enhanced |
Medium ( 2 )
| Event Name | Revision Notes |
|---|---|
| Apache.HTTP.Exhaust.Connection.DoS | Default_action updated to 'pass' Detection Enhanced |
| Apple.Mail.x-unix-mode.Executable.Mail.Attachment | Detection Enhanced |
Top of Section
Active Exploitation
The FortiGuard Threat Research team uses globally distributed probes to monitor exploit activity. Vulnerabilities can be classified as active and given a magnitude level. The magnitude level is the rate of activity across the probes. The value of the magnitude is set to low, medium or high.
The table below lists the vulnerabilities discussed in this bulletin (specifically new and enhanced detection) and their corresponding exploit activity magnitude. The data below is as of this writing.
Critical ( 3 of 16 )
High ( 1 of 18 )
Medium ( 2 of 4 )
| Event Name | Active Exploitation Observed | Magnitude |
|---|---|---|
| Adobe.ColdFusion.logintowizard.cfm.XSS | No | n/a |
| Adobe.Shockwave.Player.Dir.File.ATOM.Size.DoS | No | n/a |
| Apache.HTTP.Exhaust.Connection.DoS | Yes | High |
| Apple.Mail.x-unix-mode.Executable.Mail.Attachment | Yes | Medium |
Low ( 7 of 7 )
| Event Name | Active Exploitation Observed | Magnitude |
|---|---|---|
| FTP.Brute.Force.Login | Yes | High |
| HTTP.Brute.Force.Authentication | Yes | High |
| IMAP.Brute.Force.Login | Yes | Medium |
| MySQL.Brute.Force.Login | Yes | High |
| Oracle.Brute.Force.Login | Yes | Medium |
| POP3.Brute.Force.Login | Yes | High |
| Telnet.Brute.Force.Login | Yes | Medium |
Top of Section
Document History
| Revision Date | Version Number | |
|---|---|---|
| Monday, May 24, 2010 | 1 | Initial Documentation. |
About Fortinet ( www.fortinet.com )
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.
Disclaimer
Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that no Fortinet statements herein constitute or contain any guarantee, warranty or legally binding representation. All materials contained in this publication are subject to change without notice, and Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
Top of page
