SB2018112907 - Information disclosure vulnerabilities in Fortinet FortiOS
Published: November 29, 2018 Updated: September 8, 2022
Security Bulletin ID
SB2018112907
Severity
Low
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2018-13376)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to uninitialized memory buffer leak exists in FortiOS web proxy's disclaimer response web pages. A remote attacker can trigger memory leak and access sensitive data be displayed in the HTTP response.
2) Information disclosure (CVE-ID: CVE-2018-13374)
The vulnerability allows a local attacker with admin privileges to obtain potentially sensitive information.The weakness exists due to information exposure. A Fortigate's read-only admin can point a LDAP server connectivity test request to a rogue LDAP server instead of the configured one to obtain the LDAP server login credentials configured in the FortiGate.
3) Information disclosure (CVE-ID: CVE-2018-13366)
The vulnerability allows a remote to obtain potentially sensitive information.The weakness exists due to Fortigate PPTP service reveals serial number of FortiGate in the hostname field defined in connection control setup packets of PPTP protocol. A remote attacker can gain access to arbitrary data.
Remediation
Install update from vendor's website.