Sickness

**Name of the Vulnerable Software and Affected Versions** FortiClient versions prior to 5.2.4 **Description** The issue allows local users to read arbitrary kernel memory. This is achieved via a specific ioctl call, 0x22608C, to certain drivers, including mdare64 48.sys, mdare32 48.sys, mdare32 52.sys, and mdare64 52.sys. **Recommendations** For versions prior to 5.2.4, update to version 5.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected drivers to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Fortinet FortiClient versions prior to 5.2.4 **Description** The issue allows local users to execute arbitrary code with kernel privileges. This is achieved by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call, specifically targeting the Fortishield.sys driver. **Recommendations** For versions prior to 5.2.4, update to version 5.2.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the Fortishield.sys driver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.4.0 through 1.4.4 **Description** A stack-based buffer overflow issue exists in the DECT dissector component of Wireshark, which can be exploited by remote attackers through a crafted .pcap file, potentially allowing the execution of arbitrary code. **Recommendations** For Wireshark versions 1.4.0 through 1.4.4, update to version 1.4.5 or later to resolve the issue.