CVE-2015-4077
CVE-2015-4077
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.
Productos afectados
n/a · n/aPoCs públicas encontradas — 4
githubgithub.com/ApexPredator-InfoSec/forti_shield★ 2cve_referencepacketstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlno verificadocve_referencewww.exploit-db.com/exploits/45149/no verificadoexploitdbwww.exploit-db.com/exploits/45149no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlhttp://seclists.org/fulldisclosure/2015/Sep/0https://www.exploit-db.com/exploits/45149/http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilitieshttp://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://www.securityfocus.com/archive/1/536369/100/0/threadedhttp://www.securitytracker.com/id/1033439