PSIRT Note: BeyondTrust Retina incorrectly reports...

fropert_FTNT · 01-15-2019

DescriptionThe Rapid7 vulnerability scanner reports the following security risk: "TLS/SSL Server Is Using Commonly Used Prime Numbers"The detailed description is:"The server is using a common or default prime number as a parameter during the Diffie-H...

fropert_FTNT · 03-14-2017

The IPS signature called "Apache.Struts.Jakarta.Multipart.Content.Type.Code.Execution" is available since IPS db version 10.085 to protect hosts behind a FortiGate. http://beta.fortigua...?version=10.085

fropert_FTNT · 03-01-2017

Description The automatic scanner tools mentioned below have been identified to incorrectly report FortiGate web admin GUI support "Secure Client-Initiated Renegotiation" or "Client-initiated Renegotiations".a) testssl.sh (v2.8rc3 https://testssl.sh/...

fropert_FTNT · 10-27-2016

DescriptionThe Nessus plugin "Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak)" may report the FortiGate to be vulnerable to CVE-2003-0001. SolutionThis is a false positive from the Nessus vulnerability scanner.FortiGate devi...

fropert_FTNT · 03-02-2016

DescriptionThe BeyondTrust Retina scanner reports that FortiManager is vulnerable to multiple OpenSSH vulnerabilities.It includes CVE-2015-5352, CVE-2015-5600, CVE-2015-6564 and CVE-2015-6565.SolutionThe current version of OpenSSH embedded in FortiMa...

fropert_FTNT · 11-13-2015

Hi Jungseok, Does a customer asked for it?

fropert_FTNT · 11-12-2015

Hi Viet, All the files mentioned by DrWeb are covered by the following Fortinet AV signature: ELF/Filecoder.A!tr

fropert_FTNT · 12-14-2013

Yes, Simple add a registry key for the second collector agent with its IP address and port under HKEY_LOCAL_MACHINE/SOFTWARE/Fortinet/FSAE/dcagent/ca where the DC Agent is installed.

fropert_FTNT · 11-23-2013

Hello, Since 5.0.4 (if I remember correctly) grep -f will do grep per configuration section context and pinpoint the grepped word (wan1 in this forum post case) with arrows " <----" . Regards, Francois

fropert_FTNT · 02-19-2013

@msaraiva NTLM support is actually a new feature request. This has been requested to be implemented in a future release.

User Statistics

User Activity

PSIRT Note: TLS / SSL Server Is Using Commonly Used Prime Numbers

Apache Struts vulnerability CVE-2017-5638

PSIRT Note: 'Secure Client-Initiated Renegotiation' vulnerability report on FortiGate admin webui is a false positive

PSIRT Note: Etherleak CVE-2003-0001 false positive