Created on 10-24-2006 12:00 AM
Description | FortiOS may allow a zero-byte file (a file with a size of 0 bytes) to pass through the FortiGate unit, that should be blocked or quarantined. Although this may be alarming to some customers, it is not a security risk. |
Components | All FortiGate units running all maintenance releases of FortiOS 2.80 or 3.0 up to FortiOS v3.0 MR3. |
Steps or Commands | This problem may occur on a FortiGate unit with antivirus file blocking configured to quarantine blocked files to the FortiGate hard disk. When you enable quarantine, the antivirus file blocking process ignores the file block when handling a zero-byte file, since the body of the file is zero bytes in size. As a result, a file that the antivirus file blocking should have blocked, passes through the FortiGate unit to its destination. There is no chance of a security breach because a file of zero bytes cannot contain any harmful data. If zero byte files that should be blocked are getting through your FortiGate unit and causing concern for your users, disabling quarantine for antivirus file blocking is a temporary fix that will stop the files from getting through. Fortinet is working to fix this problem in a future FortiOS release. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.