Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3222

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3222
Last Modified 07 Mar 2011 09:38:07
Published 24 Jun 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3222

Summary

The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.

Vulnerable Systems

Operating System

  • Fortinet Fortios 2.36

  • Fortinet Fortios 2.5 0mr4

  • Fortinet Fortios 2.50

  • Fortinet Fortios 2.50 Mr5

  • Fortinet Fortios 2.8 Mr10

  • Fortinet Fortios 2.80

  • Fortinet Fortios 3.0

  • Fortinet Fortios 3.0 Beta

  • Fortinet Fortios 3.0 Mr1


References

CONFIRM - http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html

SECUNIA - 20720

VUPEN - ADV-2006-2467

BID - 18570

XF - fortinet-ftp-espv-security-bypass(27532)

OSVDB - 26736

VIM - 20060707 FortiGate issue - "EPSV" not "ESPV"


Last Updated: 27 May 2016 10:42:56