PSIRT

FSSO stack-based buffer overflow

Description

Prior to build 237, the Windows version of FSSO can be remotely exploited to run arbitrary code over the TCP/8000 port without being authenticated.

Impact Detail

A remote attacker may be able to execute arbitrary code in the context of the FSSO collectoragent.exe process.

Affected Products

FSSO

Solutions

Upgrade to FSSO build 237 or above.
32 bits and 64 bits respectively named FSSO_Setup_5.0.0237.exe and FSSO_Setup_5.0.0237_x64.exe are available in the / FortiGate/ v5.00/ 5.2/ 5.2.3/ FSSO/ directory from support download website.
FSSO build 237 is compatible with all FortiOS versions.

Acknowledgement

Thank you to Enrique Nissim from CoreSecurity exploit writing Team for responsibly disclosing this vulnerability to Fortinet.

References

http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow

IR Number	FG-IR-15-006
Date	Feb 27, 2015
Severity	High
Impact	Remote code execution
CVE ID	CVE-2015-2281
CVRF	Download

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

PSIRT

FSSO stack-based buffer overflow

Description

Impact Detail

Affected Products

Solutions

Acknowledgement

References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

PSIRT

FSSO stack-based buffer overflow

Description

Impact Detail

Affected Products

Solutions

Acknowledgement

References

Threat Intelligence
Center