all InfoSec news
FortiOS & FortiProxy - Out-of-bounds Write in captive portal
March 12, 2024, 7 a.m. |
FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com
Workaround:
Set a non form-based authentication scheme:
config authentication scheme
edit scheme
set method method
next
end
Where can be any of those :
ntlm NTLM authentication.
basic Basic HTTP authentication.
digest Digest HTTP authentication.
negotiate Negotiate authentication.
fsso Fortinet Single …
access amp arbitrary code attacker authentication buffer buffer overflow captive portal code config cwe edit fortios fortiproxy http http requests may non out-of-bounds out-of-bounds write overflow portal requests stack vulnerability workaround
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories
FortiOS - Web server ETag exposure
2 weeks, 4 days ago |
fortiguard.fortinet.com
FortiSandbox - Arbitrary file read on endpoint
2 weeks, 4 days ago |
fortiguard.fortinet.com
FortiNAC-F - Lack of certificate validation
2 weeks, 4 days ago |
fortiguard.fortinet.com
FortiOS - Format String in CLI command
2 weeks, 4 days ago |
fortiguard.fortinet.com
FortiSandbox - Arbitrary file delete on endpoint
2 weeks, 4 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Director, Cybersecurity - Governance, Risk and Compliance (GRC)
@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
Information Security Risk Metrics Lead
@ Live Nation Entertainment | Work At Home-Connecticut
IT Product Owner - Enterprise DevSec Platform (d/f/m)
@ Airbus | Hamburg - Finkenwerder
Senior Information Security Specialist
@ Arthur Grand Technologies Inc | Arlington, VA, United States
Information Security Controls SME
@ Sword | Aberdeen, Scotland, United Kingdom