CVE-2015-5736
CVE-2015-5736
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 8
githubgithub.com/avielzecharia/CVE-2015-5736★ 2cve_referencewww.exploit-db.com/exploits/41721/não verificadocve_referencewww.exploit-db.com/exploits/41722/não verificadocve_referencewww.exploit-db.com/exploits/45149/não verificadoexploitdbwww.exploit-db.com/exploits/45149não verificadoexploitdbwww.exploit-db.com/exploits/41722não verificadocve_referencepacketstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/41721não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.htmlhttp://seclists.org/fulldisclosure/2015/Sep/0https://www.exploit-db.com/exploits/41721/https://www.exploit-db.com/exploits/41722/https://www.exploit-db.com/exploits/45149/http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilitieshttp://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlienthttp://www.securityfocus.com/archive/1/536369/100/0/threadedhttp://www.securitytracker.com/id/1033439