For those who follow security news, you are probably aware of an issue in the glibc library called CVE-2015-0235 (making this issue sound even scarier, it is also referred to as GHOST). A number of Fortinet products use this library; however, the impact on these Fortinet products is not as frightening as the name of the vulnerability implies.
For a complete explanation, Fortinet has put out an advisory at http://www.fortiguard.com/advisory/2015-01-28-cve-2015-0235-ghost-vulnerability
For more information on GHOST, here are some useful links to check out:
- https://access.redhat.com/articles/1332213
- https://isc.sans.edu/forums/diary/New+Critical+GLibc+Vulnerability+CVE20150235+aka+GHOST/19237/
- http://www.symantec.com/connect/blogs/linux-ghost-vulnerability-cve-2015-0235-not-scary-it-looks
- https://nakedsecurity.sophos.com/2015/01/29/the-ghost-vulnerability-what-you-need-to-know/
The post Fortinet and the GHOST Vulnerability appeared first on Fortinet Cookbook.