Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Staff

Created on ‎09-28-2018 01:15 AM

Article Id 193599

Technical Note: VULNERABILITY CVE-2015-7547

Description
VULNERABILITY CVE-2015-7547

Solution
Date: 02.23.2016
Updated: 03.15.2016

Issue: Bradford is aware of the vulnerability CVE-2015-7547.  This refers to a stack-based buffer overflow condition which creates opportunity for attackers to manipulate DNS traffic that can adversely affect libresolv. 

Information regarding this vulnerability can be found at the following URL:
https://access.redhat.com/security/cve/cve-2015-7547

Only Network Sentry appliances running Firmware Version 6.0 (available on CentOS7) are susceptible to the vulnerability.  Appliances running Firmware Version 5.x or below are not susceptible.


Confirming Firmware Version

Administrative UI: Refer to the Summary panel in the dashboard to confirm the appliance Firmware Version.  If this panel does not display, click the Add Panel button to add the Summary panel to the view.  

CLI:  The Firmware Version displays upon login.

Product Family: NetworkSentry
Appliance Type: Network Sentry VM-NS1200
Engine Version: 8.0.0.514
Build Date: Mon 28-Dec-2015
Firmware Version: 6.0.0.437
Firmware Date: 2015-10-23


Solution:  Apply the latest Network Sentry OS update.
For details see Network Sentry O/S Updates - March 14, 2016




Labels:
226
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.