Fortinet Community

fropert_FTNT · 01-15-2019

DescriptionThe Rapid7 vulnerability scanner reports the following security risk: "TLS/SSL Server Is Using Commonly Used Prime Numbers"The detailed description is:"The server is using a common or default prime number as a parameter during the Diffie-H...

fropert_FTNT · 03-01-2017

Description The automatic scanner tools mentioned below have been identified to incorrectly report FortiGate web admin GUI support "Secure Client-Initiated Renegotiation" or "Client-initiated Renegotiations".a) testssl.sh (v2.8rc3 https://testssl.sh/...

fropert_FTNT · 10-27-2016

DescriptionThe Nessus plugin "Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak)" may report the FortiGate to be vulnerable to CVE-2003-0001. SolutionThis is a false positive from the Nessus vulnerability scanner.FortiGate devi...

fropert_FTNT · 03-02-2016

DescriptionThe BeyondTrust Retina scanner reports that FortiManager is vulnerable to multiple OpenSSH vulnerabilities.It includes CVE-2015-5352, CVE-2015-5600, CVE-2015-6564 and CVE-2015-6565.SolutionThe current version of OpenSSH embedded in FortiMa...

fropert_FTNT · 01-07-2016

DescriptionSLOTH main concern is about to attack TLS 1.2 client authentication (The TLS server has a certificate list that are valid and the client must provide it) with RSA-MD5 as the chosen signature algorithm.The following two important things not...

fropert_FTNT · 09-04-2014

Hi guys, Thanks for the nss link. I know exactly what you refer to. In fact the problem was two-fold. 1/ Avengine was unable to detect the virus when using some packers in the testing plan. As the avengine detected nothing then the virus was send for...

fropert_FTNT · 09-03-2014

Hello, Feel free to read the following Microsoft KB article: http://support.microsoft.com/kb/822659 And maybe this forum post could help: http://social.technet.microsoft.com/Forums/windowsserver/en-US/074d11e0-a6e9-4811-9104-686ddfbf95be/event-id-432...

fropert_FTNT · 09-03-2014

Hello Ede, It is really surprising that packers could be the root cause of detection failures. Could you please elaborate about your testing plan and fortisandbox deployment mode used? Regards, Francois

fropert_FTNT · 01-06-2014

just for fun to awake the dead thread. I got fortiscan tickets when I came back from xmas holidays

fropert_FTNT · 12-14-2013

Yes, Simple add a registry key for the second collector agent with its IP address and port under HKEY_LOCAL_MACHINE/SOFTWARE/Fortinet/FSAE/dcagent/ca where the DC Agent is installed.

Fortinet Community

User Statistics

User Activity

PSIRT Note: TLS / SSL Server Is Using Commonly Used Prime Numbers

PSIRT Note: 'Secure Client-Initiated Renegotiation' vulnerability report on FortiGate admin webui is a false positive

PSIRT Note: Etherleak CVE-2003-0001 false positive

PSIRT Note: BeyondTrust Retina incorrectly reports FortiManager vulnerable to OpenSSH vulnerabilities

PSIRT Note: SLOTH - CVE-2015-7575

RE: Have you tested the fortisandbox?

RE: FSSO agent can' t be startup

RE: Have you tested the fortisandbox?

RE: Anybody using the fortiscan?

RE: fsso with two collectors agent

News & Articles

Security Research

Company

Contact Us