CVE-2015-2281

Fortinet Single Sign On - Stack-based Buffer Overflow via Large PROCESS_HELLO Message

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2281. PoCs published by Core Security.

AI-analyzed exploit summary The exploit demonstrates a stack-based buffer overflow in Fortinet Single Sign On (FSSO) by sending a maliciously crafted packet to the message dispatcher, leading to a crash or potential remote code execution. The PoC targets the PROCESS_HELLO message handler and does not require authentication.

Description

Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textdoswindows

https://www.exploit-db.com/exploits/36422

View Code ZIP pw:eip

The exploit demonstrates a stack-based buffer overflow in Fortinet Single Sign On (FSSO) by sending a maliciously crafted packet to the message dispatcher, leading to a crash or potential remote code execution. The PoC targets the PROCESS_HELLO message handler and does not require authentication.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Fortinet Single Sign On (FSSO) Windows Active Directory 4.3.0161 and Novell eDirectory 4.3.0161

No auth needed

Prerequisites: Network access to the target system · FSSO service running on port 8000

MITRE ATT&CK