===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0711.2
                     FortiOS open redirect vulnerability
                                 23 March 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           FortiOS
Publisher:         FortiGuard
Operating System:  Network Appliance
Impact/Access:     Provide Misleading Information -- Remote with User Interaction
                   Cross-site Scripting            -- Remote with User Interaction
Resolution:        Patch/Upgrade

Original Bulletin:
   http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability

Comment: Users are advised that an exploit program for this vulnerability was
         released on 22 March 2016. The risk associated with the present
         advisory has consequently been raised from "Medium" to "High".

Revision History:  March 23 2016: Public release of an exploit program
                   March 17 2016: Initial Release

---------------------------BEGIN INCLUDED TEXT--------------------

FortiOS open redirect vulnerability

Info
Risk               2 Low
Date               Mar 16 2016
Impact             Open redirect
Fixed In Firmware  5.0.13 / 5.2.3 / 5.4.0

The FortiOS webui accepts a user-controlled input that specifies a link to an
external site, and uses that link in a redirect. The redirect input parameter
is also prone to cross-site scripting.

Impact
Open redirect

Affected Products
FortiOS

Risk
2 Low

Solutions
Upgrade to one of the following FortiOS versions:

  5.0 branch: 5.0.13 or above
  5.2 branch: 5.2.3 or above
  5.4 branch: 5.4.0 or above

4.3 and lower branches are not affected by this vulnerability.
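The fix for the open-redirect class the advisory describes (CWE-601) is to accept a redirect parameter only when it resolves to a local path or to an explicitly allow-listed host. The following is an added example of such a check, not FortiOS code and not part of the FortiGuard advisory; the function names and the appliance hostname `fw.example.com` are assumptions for illustration.

```python
# Added example (not FortiGuard's or FortiOS code): an allow-list check for a
# user-supplied redirect target. Names and hostnames are assumptions.
from urllib.parse import urlsplit


def is_safe_redirect(target: str, allowed_hosts: frozenset) -> bool:
    """True only if `target` is a local path on this appliance or an http(s)
    URL whose host (including any port) is in `allowed_hosts`."""
    if not target:
        return False
    # CR/LF or other control characters could split the Location header,
    # and lenient URL parsers silently strip them, so reject them up front.
    if any(ord(ch) < 0x20 for ch in target):
        return False
    # Browsers treat a backslash like a forward slash ('/\evil' == '//evil'),
    # so normalise before parsing instead of trusting urlsplit alone.
    candidate = target.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme:
        # Absolute URL: only http(s) to an allow-listed host. This rejects
        # javascript:/data: targets (the XSS angle) and the userinfo trick
        # 'https://fw.example.com@evil.example/', since netloc is compared whole.
        if parts.scheme not in ("http", "https"):
            return False
        return parts.netloc.lower() in allowed_hosts
    if parts.netloc:
        return False  # protocol-relative '//evil.example'
    # What remains must be a single-slash local path. '///evil.example' has an
    # empty netloc after urlsplit, yet browsers still treat it as a host.
    return candidate.startswith("/") and not candidate.startswith("//")


def safe_redirect_target(target: str, allowed_hosts: frozenset,
                         default: str = "/") -> str:
    """Hardened form of 'redirect(request_param)': fall back to a fixed
    landing page whenever the supplied target fails the check."""
    return target if is_safe_redirect(target, allowed_hosts) else default


if __name__ == "__main__":
    # Constructed sample inputs; 'fw.example.com' is an assumed appliance name.
    hosts = frozenset({"fw.example.com"})
    for raw in ["/system/status", "https://fw.example.com/login",
                "//evil.example/", "/\\evil.example", "javascript:alert(1)",
                "https://fw.example.com@evil.example/", "/ok\r\nSet-Cookie: x=1"]:
        print(repr(raw), "->", safe_redirect_target(raw, hosts))
```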
Acknowledgement
Fortinet is pleased to thank Javier Nieto from www.behindthefirewalls.com for
reporting a FortiOS vulnerability under responsible disclosure.

References
https://cwe.mitre.org/data/definitions/601.html

---------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you
do not know who that is, please send an email to auscert@auscert.org.au and
we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your
organisation's site policies and procedures. AusCERT takes no
responsibility for consequences which may arise from following or acting on
information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at a
later date, it is recommended that the bulletin is retrieved directly from
the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================