Category:   Application (Security)  >   Fortinet FortiClient
Vendors:   Fortinet
FortiClient VPN Client Discloses Password to Remote Users in Certain Cases
SecurityTracker Alert ID:  1028501
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 1 2013
Impact:   Disclosure of authentication information
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): prior to 4.3 patch 11
Description:   A vulnerability was reported in FortiClient. A remote user can obtain the target user's VPN password.

A remote user who can conduct a man-in-the-middle attack and cause the VPN client to connect to a proxy server can obtain the target user's VPN password. The VPN client correctly detects that the server's SSL certificate is invalid, but it transmits the target user's VPN password before warning the target user about the invalid certificate, so the credential has already reached the interposed server by the time the user is asked whether to proceed.
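As an added illustration (a constructed model written for this entry, not FortiClient's code), the two functions below contrast the event ordering the advisory describes with the corrected sequence, in which the certificate check and the user's decision gate the sending of credentials. `leaks_before_warning` is a hypothetical check that a test suite could run over a connection trace to catch this class of state error.

```python
from dataclasses import dataclass, field

@dataclass
class ConnectionTrace:
    """Ordered record of what a simulated VPN client did during connect."""
    events: list = field(default_factory=list)
    password_sent: bool = False

def vulnerable_connect(cert_valid: bool, user_accepts: bool) -> ConnectionTrace:
    """Flawed order: the certificate result is recorded, but the password
    goes out before the user is warned (the state error in the advisory)."""
    t = ConnectionTrace()
    t.events.append("tls_handshake")
    t.events.append("check_certificate:%s" % ("ok" if cert_valid else "invalid"))
    # Defect: authentication proceeds regardless of the check result, so a
    # server presenting a bad certificate already holds the password here.
    t.events.append("send_credentials")
    t.password_sent = True
    if not cert_valid:
        t.events.append("warn_user")
        if not user_accepts:
            t.events.append("abort")  # too late: the credential is gone
    return t

def fixed_connect(cert_valid: bool, user_accepts: bool) -> ConnectionTrace:
    """Corrected order: warn and get a decision before any credential is sent."""
    t = ConnectionTrace()
    t.events.append("tls_handshake")
    t.events.append("check_certificate:%s" % ("ok" if cert_valid else "invalid"))
    if not cert_valid:
        t.events.append("warn_user")
        if not user_accepts:
            t.events.append("abort")
            return t            # nothing sensitive has left the client
    t.events.append("send_credentials")
    t.password_sent = True
    return t

def leaks_before_warning(trace: ConnectionTrace) -> bool:
    """True if credentials were sent while the certificate was invalid and the
    user had not yet been warned (or was never warned at all)."""
    ev = trace.events
    if "send_credentials" not in ev:
        return False
    sent_at = ev.index("send_credentials")
    if "warn_user" in ev:
        return ev.index("warn_user") > sent_at
    return "check_certificate:invalid" in ev
```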

The vendor was notified on April 11, 2012.

Cedric Tissieres and Philippe Oechslin of Objectif Securite reported this vulnerability.

Impact:   A remote user can obtain the target user's VPN password.
Solution:   The vendor has issued a fix (4.3 patch 11) [in December 2012].

Android FortiClient Lite v2.0.0223 does not include the fix.

[Editor's note: No publicly accessible advisory was available at the time of this entry.]

Cause:   Access control error, State error
Underlying OS:  Android, Linux (Any), UNIX (macOS/OS X), Windows (Any)

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]
