CVE-2006-3222
First published: Sat Jun 24 2006(Updated: )
The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiOS IPS Engine | =3.0 | |
| Fortinet FortiOS IPS Engine | =2.50 | |
| Fortinet FortiOS IPS Engine | =3.0_mr1 | |
| Fortinet FortiOS IPS Engine | =3.0_beta | |
| Fortinet FortiOS IPS Engine | =2.80 | |
| Fortinet FortiOS IPS Engine | =2.36 | |
| Fortinet FortiOS IPS Engine | =2.8_mr10 | |
| Fortinet FortiOS IPS Engine | =2.50_mr5 | |
| Fortinet FortiOS IPS Engine | =2.5_0mr4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://attrition.org/pipermail/vim/2006-July/000921.html
- http://secunia.com/advisories/20720
- http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html
- http://www.osvdb.org/26736
- http://www.securityfocus.com/bid/18570
- http://www.vupen.com/english/advisories/2006/2467
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27532
Frequently Asked Questions
What is the severity of CVE-2006-3222?
CVE-2006-3222 is considered a medium-severity vulnerability that allows remote attackers to bypass anti-virus scanning in Fortinet FortiOS.
How do I fix CVE-2006-3222?
To fix CVE-2006-3222, upgrade Fortinet FortiOS to version 2.80 MR12 or later and 3.0 MR2 or later.
Which versions of Fortinet FortiOS are affected by CVE-2006-3222?
CVE-2006-3222 affects Fortinet FortiOS versions 2.5_0mr4, 2.8_mr10, 2.36, 2.50, 2.50_mr5, 2.80, and 3.0 beta.
What type of attack does CVE-2006-3222 facilitate?
CVE-2006-3222 facilitates remote attacks that can bypass the anti-virus scanning feature using the Enhanced Passive FTP mode.
Is there a workaround for CVE-2006-3222 if I cannot update immediately?
As a temporary workaround for CVE-2006-3222, you should disable Enhanced Passive FTP mode in FortiOS until you can apply the necessary updates.
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- vendor/fortinet
- product/fortios
- canonical/fortinet fortios
- agent/software-canonical-lookup-request
- collector/nvd-index
- canonical/fortinet fortios ips engine
- version/fortinet fortios ips engine/3.0
- version/fortinet fortios ips engine/2.50
- version/fortinet fortios ips engine/3.0_mr1
- version/fortinet fortios ips engine/3.0_beta
- version/fortinet fortios ips engine/2.80
- version/fortinet fortios ips engine/2.36
- version/fortinet fortios ips engine/2.8_mr10
- version/fortinet fortios ips engine/2.50_mr5
- version/fortinet fortios ips engine/2.5_0mr4