PSIRTDOS in headers management
Summary
A null pointer dereference [CWE-476] in FortiOS and FortiProxy SSL VPN may allow an authenticated attacker to perform a DoS attack on the device via specifically crafted HTTP requests.
| Version | Affected | Solution |
|---|---|---|
| FortiOS 7.4 | 7.4.0 | Upgrade to 7.4.1 or above |
| FortiOS 7.2 | 7.2.0 through 7.2.5 | Upgrade to 7.2.6 or above |
| FortiOS 7.0 | 7.0.0 through 7.0.12 | Upgrade to 7.0.13 or above |
| FortiOS 6.4 | 6.4 all versions | Migrate to a fixed release |
| FortiOS 6.2 | 6.2 all versions | Migrate to a fixed release |
| FortiOS 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiProxy 7.2 | 7.2.0 through 7.2.4 | Upgrade to 7.2.5 or above |
| FortiProxy 7.0 | 7.0.0 through 7.0.10 | Upgrade to 7.0.11 or above |
| FortiProxy 2.0 | 2.0 all versions | Migrate to a fixed release |
| FortiProxy 1.2 | 1.2 all versions | Migrate to a fixed release |
| FortiProxy 1.1 | 1.1 all versions | Migrate to a fixed release |
| FortiProxy 1.0 | 1.0 all versions | Migrate to a fixed release |
Virtual Patch named "FortiOS.SSL.VPN.Proxy.Debug.Information.DoS." is available in FMWP db update 23.082
Acknowledgement
Internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security team in the frame of an internal audit of the SSL-VPN component.Timeline
2023-11-09: Initial publication
2023-11-14: Added IPS package info
2024-01-10: virtual patch renamed "FortiOS.SSL.VPN.CVE-2023-36641.Memory.Corruption"