CVE-2013-4669
https://notcve.org/view.php?id=CVE-2013-4669
FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed with an SSL session after determining that the server's X.509 certificate is invalid, which allows man-in-the-middle attackers to obtain sensitive information by leveraging a password transmission that occurs before the user warning about the certificate problem. FortiClient antes de v4.3.5.472 en Windows, antes v4.0.3.134 en Mac OS X, y antes en Android v4.0, FortiClient Lite antes de v4.3.4.461 para Windows, FortiClient Lite v2.0 hasta v2.0.0223 en Android, y FortiClient SSL VPN antes de v4.0.2258 en Linux continua con una sesión de SSL después de determinar que el certificado X.509 del servidor no es válido, lo que permite a atacantes man-in-the-middle obtener información sensible mediante el aprovechamiento de una transmisión con contraseña que se produce antes de la advertencia usuario sobre el problema de certificado. • http://archives.neohapsis.com/archives/fulldisclosure/2013-05/0001.html http://objectif-securite.ch/forticlient_bulletin.php http://www.fortiguard.com/advisory/Potential-Man-In-The-Middle-Vulnerability-in-FortiClient-VPN http://www.securityfocus.com/bid/59604 • CWE-255: Credentials Management Errors CWE-310: Cryptographic Issues •
CVE-2009-1262
https://notcve.org/view.php?id=CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name. Vulnerabilidad de formato de cadena en Fortinet FortiClient v3.0.614 y posiblemente versiones anteriores permite a usuarios locales ejecutar código de forma arbitraria a través de especificadores de formato de cadena en el nombre de la conexión VPN. • http://lists.grok.org.uk/pipermail/full-disclosure/2009-April/068583.html http://osvdb.org/53266 http://secunia.com/advisories/34524 http://www.layereddefense.com/FortiClient02Apr.html http://www.securityfocus.com/archive/1/502354/100/0/threaded http://www.securityfocus.com/archive/1/502602/100/0/threaded http://www.securityfocus.com/bid/34343 http://www.securitytracker.com/id?1021966 http://www.vupen.com/english/advisories/2009/0941 https://exchange.xforce.ibmcloud.com/vulnerabi • CWE-134: Use of Externally-Controlled Format String •
CVE-2005-4570
https://notcve.org/view.php?id=CVE-2005-4570
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://secunia.com/advisories/18446 http://www.fortinet.com/FortiGuardCenter/VU226364.html http://www.securityfocus.com/bid/15997 http://www.vupen.com/english/advisories/2006/0182 •