CVE-2015-5736
CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Productos afectados
n/a · n/aPoCs públicas encontradas — 8
githubgithub.com/avielzecharia/CVE-2015-5736★ 2cve_referencewww.exploit-db.com/exploits/41721/no verificadocve_referencewww.exploit-db.com/exploits/41722/no verificadocve_referencewww.exploit-db.com/exploits/45149/no verificadoexploitdbwww.exploit-db.com/exploits/45149no verificadoexploitdbwww.exploit-db.com/exploits/41722no verificadocve_referencepacketstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlno verificadoexploitdbwww.exploit-db.com/exploits/41721no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlhttp://seclists.org/fulldisclosure/2015/Sep/0https://www.exploit-db.com/exploits/41721/https://www.exploit-db.com/exploits/41722/https://www.exploit-db.com/exploits/45149/http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilitieshttp://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://www.securityfocus.com/archive/1/536369/100/0/threadedhttp://www.securitytracker.com/id/1033439