Is fortigate firewall v4.3.16 or v5.2.1 affected by this glibc vulnerability. I could not find anything on fortigate security advisories page
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
No, Fortinet would have filed our own CVE if Fortinet products were affected. From one document mentioning the Ghost exploit, here is a cogent explanation of the threat, and our (lack of) exposure to it:
"
[size="3"][size="1"]Ghost is security vulnerability in the very common glibc component that ships with almost all Linux-based software and hardware.[/size][/size] [size="3"][size="1"]The vulnerability potentially allows attackers to execute malicious code on servers and both locally and remotely gain complete control of Linux machines[/size][/size] [size="3"][size="1"] [/size][/size] [size="3"][size="1"]Fortinet had developed IPS signatures to protect our customers. While FortiOS embeds glibc finding an entry point to it would be very difficult if possible at all.[/size][/size]"
The document isn't publicly available, but it's not confidential, either.
I saw the internal bug discussions around the time the exploit was discovered, and each product was meticulously tested to ensure the version of the glibc library we use was not vulnerable.
Regards, Chris McMullan Fortinet Ottawa
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.