Fortinet FortiGate antivirus FTP scan detection bypass
| fortinet-ftp-scan-bypass (24624) |  Medium Risk |
Description:
Multiple Fortinet FortiGate security appliances running FortiOS fails to adequately protect against viruses transmitted over FTP. A remote attacker could use this vulnerability to bypass antivirus protection and potentially cause the execution of malicious code on protected systems.
*CVSS:
| Base Score: | 3.5 |
| Access Vector: | Remote |
| Access Complexity: | Low |
| Authentication: | Not Required |
| Confidentiality Impact: | None |
| Integrity Impact: | None |
| Availability Impact: | Partial |
| Temporal Score: | 2.6 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Bypass Security
Remedy:
Upgrade to the latest version of Fortinet FortiGate (3.0 MR1 or later), available from the Fortinet FortiGate Web site. See References.
References:
- Fortinet Inc. Web site: Fortinet: Award-Winning Products: complete, real-time network protection solutions.
- Full-Disclosure Mailing List, Mon Feb 13 2006 - 02:10:45 CST : Bypass Fortinet anti-virus using FTP.
- BID-16597: Fortinet FortiGate Antivirus Engine Bypass Vulnerability
- BID-18570: Fortinet FortiGate FTP Proxy Antivirus Engine Bypass Vulnerability
- CVE-2005-3057: The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP.
- CVE-2006-3222: The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.
- OSVDB ID: 26736: FortiGate on Linux FTP EPSV Anti-Virus Scanning Bypass
- SA18844: FortiGate URL Filter and Virus Scanning Bypass Vulnerabilities
- SA20720: FortiGate FTP Anti-Virus Scanning Bypass Vulnerability
- VUPEN/ADV-2006-0539: FortiGate URL Filter and Virus Scanning Features Bypass Vulnerabilities
- VUPEN/ADV-2006-2467: Fortinet FortiOS FTP EPSV Command AntiVirus Scanning Bypass Vulnerability
Platforms Affected:
- Fortinet FortiGate FortiOS 2.80
Reported:
Feb 13, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.