Vulnerabilities > CVE-2006-1966 - Denial-Of-Service vulnerability in Fortinet28

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

fortinet

NVD

Published: 2006-04-21

Updated: 2018-10-18

Summary

An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. NOTE: this issue has been disputed in followup posts that suggest that a protection feature is triggering a RST.

Vulnerable Configurations

Part	Description	Count
Hardware	Fortinet Fortinet Fortinet28 *	1

References

http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0449.html
http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0472.html
http://www.securityfocus.com/archive/1/431404/100/0/threaded