CVE-2015-1452

Summary

The Control and Provisioning of Wireless Access Points (CAPWAP) daemon in Fortinet FortiOS 5.0 Patch 7 build 4457 allows remote attackers to cause a denial of service (locked CAPWAP Access Controller) via a large number of ClientHello DTLS messages.

Impact & exploitability

AV:N/AC:L/Au:N/C:N/I:N/A:C

Affected products we track (1)

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

• NVD record
• http://www.fortiguard.com/advisory/FG-IR-15-002/Advisory
• http://seclists.org/fulldisclosure/2015/Jan/125
• http://secunia.com/advisories/61661
• http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf
• http://www.securityfocus.com/bid/72383