Description
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Core Security · textdoswindows
https://www.exploit-db.com/exploits/36422
References (8)
Core 8
Core References
Exploit x_refsource_misc
http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534918/100/0/threaded
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Mar/111
Vendor Advisory x_refsource_confirm
http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow
Vendor Advisory x_refsource_confirm
http://www.fortiguard.com/advisory/FG-IR-15-006/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/73206
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/36422/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/119719
Scores
EPSS
0.3162
EPSS Percentile
96.8%
Details
CWE
CWE-119
Status
published
Products (1)
fortinet/single_sign_on
4.3
Published
Mar 19, 2015
Tracked Since
Feb 18, 2026