FortiOS / FortiProxy - Access to NULL pointer in SSL VPN portal
An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of FortiOS & FortiProxy may allow a remote unauthenticated or authenticated (see Affected Products section) attacker to crash the sslvpn daemon via an HTTP GET request.
No need to be authenticated to provoke a crash:
FortiOS version 6.4.4 through 6.4.9
FortiOS version 7.0.0 through 7.0.5
FortiOS version 7.2.0
FortiProxy version 7.0.0 through 7.0.4
Need to be authenticated to provoke a crash:
FortiOS 6.0 all versions
FortiOS version 6.2.0 through 6.2.10
FortiOS version 6.4.0 through 6.4.3
FortiProxy version 1.2.6 through 1.2.13
FortiProxy version 2.0.0 through 2.0.9
Upgrade FortiOS to version 7.2.2 and above,
Upgrade FortiOS to version 7.0.7 and above,
Upgrade FortiOS to version 6.4.10 and above,
Upgrade FortiOS to version 6.2.11 and above.
Upgrade FortiProxy to version 7.2.1 and above,
Upgrade FortiProxy to version 7.0.7 and above,
Upgrade FortiProxy to version 2.0.10 and above.