CVE-2015-4077
CVE-2015-4077
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 4
githubgithub.com/ApexPredator-InfoSec/forti_shield★ 2cve_referencepacketstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlnão verificadocve_referencewww.exploit-db.com/exploits/45149/não verificadoexploitdbwww.exploit-db.com/exploits/45149não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlhttp://seclists.org/fulldisclosure/2015/Sep/0https://www.exploit-db.com/exploits/45149/http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilitieshttp://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://www.securityfocus.com/archive/1/536369/100/0/threadedhttp://www.securitytracker.com/id/1033439