             AUSCERT External Security Bulletin Redistribution

                    OpenSSL vulnerabilities - June 2015
                               16 June 2015


        AusCERT Security Bulletin Summary

Product:           Fortinet FortiOS
                   Fortinet FortiManager
                   Fortinet FortiAnalyzer
                   Fortinet FortiAP
                   Fortinet AscenLink
                   Fortinet ADC
                   Fortinet FortiAuthenticator
                   Fortinet FortiCache
                   Fortinet FortiClient
                   Fortinet FortiDDoS
                   Fortinet FortiMail
                   Fortinet FortiRecorder
                   Fortinet FortiSandbox
                   Fortinet FortiVoice Enterprise
                   Fortinet FortiWeb
                   Fortinet FSSO
Publisher:         FortiGuard
Operating System:  Network Appliance
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated
                   Denial of Service              -- Remote/Unauthenticated
                   Provide Misleading Information -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-1792 CVE-2015-1791 CVE-2015-1790
                   CVE-2015-1789 CVE-2015-1788 CVE-2014-8176

Reference:         ESB-2015.1561

Original Bulletin: 

--------------------------BEGIN INCLUDED TEXT--------------------

OpenSSL vulnerabilities - June 2015


Risk   Low 

Date   Jun 11 2015

Impact Denial of service and memory corruption

CVE ID CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, 
       CVE-2015-1791, CVE-2015-1792

OpenSSL released a security advisory in June 2015 to announce multiple 
security vulnerabilities, of low to moderate severity.

There is no known public exploit for any of the mentioned CVEs in the OpenSSL 

Affected products vary, depending on the CVE:

DHE man-in-the-middle protection (Logjam): See FortiGuard bulletin 
FG-IR-15-013 for details.

CVE-2015-1788: FortiOS is confirmed to use an affected version of OpenSSL, 
although no practical case of exploitation has been demonstrated so far. Other
products are under investigation.

CVE-2015-1789: FortiOS and FortiAuthenticator are confirmed to use an affected
version of OpenSSL, although no practical case of exploitation has been 
demonstrated so far. Other products are under investigation.

CVE-2015-1790: Under investigation.

CVE-2015-1791: FortiOS and FortiClient are confirmed to use an affected 
version of OpenSSL, although no practical case of exploitation has been 
demonstrated so far. Other products are under investigation.

CVE-2015-1792: FortiMail is confirmed to use an affected version of OpenSSL, 
although no practical case of exploitation has been demonstrated so far. Other
products are under investigation.

CVE-2014-8176: See solutions below.


Denial of service (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792, CVE-2014-8176)
and possible memory corruption (CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, 


Regardless of the exploitability (or lack thereof) of CVE-2015-1788, 
CVE-2015-1789, CVE-2015-1790, CVE-2015-1791 and CVE-2015-1792, an OpenSSL 
upgrade will be scheduled for all products running a vulnerable version.

CVE-2014-8176 consideration:

The following products must be upgraded to the mentioned versions, which run a
non-vulnerable OpenSSL version:

FortiOS 4.3.16, FortiOS 5.0.8 or above, FortiOS 5.2.0 or above

FortiManager 5.0.9 or above

FortiAnalyzer 5.0.9 or above

FortiAP 5.0.8 or above

AscenLink 7.2.3 or above

FortiADC 4.2.0 or above

FortiAuthenticator 3.1.0 or above

FortiCache 3.0.0 or above

FortiClient Windows/MAC 5.2.3 or above

FortiClient iOS 5.2.1 or above

FortiClient Android 5.2.6 or above

FortiDDoS 4.1.5 or above

FortiMail 4.3.10 or above

FortiRecorder 2.0.1 or above

FortiSandbox 2.0.0 or above

FortiVoice Enterprise 3.0.6 or above

FortiWeb 5.3.3 or above

FSSO build 235 or above

For all products, please contact Fortinet TAC support for the current ETA of 
the patched release.
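The fixed-version list above is easiest to apply against an asset inventory with a small branch-aware version check. The following is an added example, not Fortinet's or AusCERT's code: it encodes the CVE-2014-8176 minimums from the bulletin and returns only the devices that still need work. It assumes that "FortiOS 4.3.16" means 4.3.16 or later on the 4.3 branch, that a version above every listed minimum counts as "or above", and that the hostnames and inventory rows are constructed sample data.

```python
import re
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# Minimum fixed versions for CVE-2014-8176 from the bulletin: product -> list of
# (release branch, minimum). An empty branch () means "X or above" on any branch.
FIXED: Dict[str, List[Tuple[Version, Version]]] = {
    "FortiOS": [((4, 3), (4, 3, 16)), ((5, 0), (5, 0, 8)), ((5, 2), (5, 2, 0))],
    "FortiManager": [((), (5, 0, 9))], "FortiAnalyzer": [((), (5, 0, 9))],
    "FortiAP": [((), (5, 0, 8))], "AscenLink": [((), (7, 2, 3))],
    "FortiADC": [((), (4, 2, 0))], "FortiAuthenticator": [((), (3, 1, 0))],
    "FortiCache": [((), (3, 0, 0))], "FortiClient Windows/MAC": [((), (5, 2, 3))],
    "FortiClient iOS": [((), (5, 2, 1))], "FortiClient Android": [((), (5, 2, 6))],
    "FortiDDoS": [((), (4, 1, 5))], "FortiMail": [((), (4, 3, 10))],
    "FortiRecorder": [((), (2, 0, 1))], "FortiSandbox": [((), (2, 0, 0))],
    "FortiVoice Enterprise": [((), (3, 0, 6))], "FortiWeb": [((), (5, 3, 3))],
    "FSSO": [((), (235,))],  # FSSO is identified by build number, not x.y.z
}

def parse_version(text: str) -> Version:
    """'5.0.8' -> (5, 0, 8); 'build 235' -> (235,). Non-digit text is ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", text))

def check(product: str, version: str) -> str:
    """Return 'fixed', 'vulnerable' or 'unknown' for one product/version pair."""
    if product not in FIXED:
        return "unknown"  # product not covered by this bulletin
    v, entries = parse_version(version), FIXED[product]
    # Prefer the entry for the device's own release branch (FortiOS lists three).
    for branch, minimum in entries:
        if v[:len(branch)] == branch:
            return "fixed" if v >= minimum else "vulnerable"
    # No listed branch matches. Above every minimum counts as "or above", below
    # every minimum is vulnerable; in between (e.g. FortiOS 5.1.x, which the
    # bulletin never names) is reported as unknown rather than guessed.
    minimums = [m for _, m in entries]
    if v >= max(minimums):
        return "fixed"
    return "vulnerable" if v < min(minimums) else "unknown"

def audit(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str]]:
    """(host, product, version) rows -> (host, product, version, status) for
    every device that is NOT at a fixed version, so the result is the work queue."""
    rows = [(h, p, ver, check(p, ver)) for h, p, ver in inventory]
    return [r for r in rows if r[3] != "fixed"]

# Constructed sample inventory (not real hosts) to exercise the check.
SAMPLE = [("fw-edge-1", "FortiOS", "5.0.10"), ("fw-branch-2", "FortiOS", "4.3.15"),
          ("fw-lab-3", "FortiOS", "5.1.2"), ("mail-1", "FortiMail", "4.3.9"),
          ("ad-agent-1", "FSSO", "build 240")]
```

Running `audit(SAMPLE)` lists fw-branch-2 and mail-1 as vulnerable and fw-lab-3 as unknown; devices reported as unknown should be confirmed with Fortinet TAC rather than assumed patched.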



--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:


Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.