Intrusion Prevention

Fortinet.FortiGate.Cookie.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in Fortinet's FortiGate.
The vulnerability is caused by an error when the vulnerable software handles a request with a malicious Cookie value. It allows a remote attacker to execute arbitrary code via a crafted HTTP query.

Affected Products

FortiGate 4.3.8 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version of FortiOS.
https://www.fortinet.com/

CVE References

CVE-2016-6909

Other References

FG-IR-16-023