CVE-2015-2281: Buffer Overflow
First published: Thu Mar 19 2015(Updated: )
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet Single Sign On | =4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2015/Mar/111
- http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow
- http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow
- http://www.fortiguard.com/advisory/FG-IR-15-006/
- http://www.osvdb.org/119719
- http://www.securityfocus.com/archive/1/534918/100/0/threaded
- http://www.securityfocus.com/bid/73206
- https://www.exploit-db.com/exploits/36422/
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- vendor/fortinet
- canonical/fortinet single sign on
- version/fortinet single sign on/4.3