URL Filtering Bypass in Fortinet FortiGate Products
CVE-2008-7161

Currently unrated

Key Information:

Vendor: Fortinet
Status: Fortigate-1000
Vendor: CVE Published:; 4 September 2009

Summary

A vulnerability in Fortinet FortiGate allows remote attackers to bypass URL filtering mechanisms by utilizing fragmented GET or POST requests that do not include the Host header when using HTTP/1.0. This issue can potentially expose sensitive information and network resources to unauthorized access.

References

http://www.securityfocus.com/bid/27276

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/485813/100/200/thr...

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/39684

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 4, 2009
Vulnerability Reserved
Sep 3, 2009