[Fortinet] Information Disclosure Vulnerability in OpenSSL (Heartbleed)

An information disclosure vulnerability has been discovered in OpenSSL versions 1.0.1 through 1.0.1f. This vulnerability may allow an attacker to access sensitive information from memory by sending specially-crafted TLS heartbeat requests.
Impact
Under certain circumstances, exploitation of this vulnerability can result in the disclosure of sensitive information.
Affected Products
FortiGate (FortiOS) 5.0.0 up to 5.0.6
FortiClient 5.x
FortiAuthenticator 3.x
FortiMail 4.3.x and 5.x
FortiVoice models 200D, 200D-T and VM
FortiRecorder
FortiADC D-Series models 1500D, 2000D and 4000D
FortiADC E-Series 3.x
Coyote Point Equalizer GX / LX 10.x
FortiDDoS 4.x
FortiDNS
AscenLink v6.5 and 7.0
Solutions
FortiGate Firewall: Upgrade to FortiOS 5.0.7. Please note that FortiOS 4.3 (4.0MR3) and lower are not affected by this vulnerability.
FortiAuthenticator: A software update for FortiAuthenticator is now available on the Fortinet Support site. This vulnerability is fixed in FortiAuthenticator version 3.0.2.
In case software upgrade is not possible – another workaround is available through IPS signature.
Apply the mitigating IPS signature to interface policies on affected FortiGate devices. The IPS signature was released in IPS update 4.476 and is named “OpenSSL.TLS.Heartbeat.Information.Disclosure”. { http://www.fortigaurd.com/advisory/FG-IR-14-011/}
An information disclosure vulnerability has been discovered in OpenSSL versions 1.0.1 through 1.0.1f. This vulnerability may allow an attacker to access sensitive information from memory by sending specially-crafted TLS heartbeat requests.
Impact
Under certain circumstances, exploitation of this vulnerability can result in the disclosure of sensitive information.
Affected Products
FortiGate (FortiOS) 5.0.0 up to 5.0.6
FortiClient 5.x
FortiAuthenticator 3.x
FortiMail 4.3.x and 5.x
FortiVoice models 200D, 200D-T and VM
FortiRecorder
FortiADC D-Series models 1500D, 2000D and 4000D
FortiADC E-Series 3.x
Coyote Point Equalizer GX / LX 10.x
FortiDDoS 4.x
FortiDNS
AscenLink v6.5 and 7.0
Solutions
FortiGate Firewall: Upgrade to FortiOS 5.0.7. Please note that FortiOS 4.3 (4.0MR3) and lower are not affected by this vulnerability.
FortiAuthenticator: A software update for FortiAuthenticator is now available on the Fortinet Support site. This vulnerability is fixed in FortiAuthenticator version 3.0.2.
In case software upgrade is not possible – another workaround is available through IPS signature.

Apply the mitigating IPS signature to interface policies on affected FortiGate devices. The IPS signature was released in IPS update 4.476 and is named “OpenSSL.TLS.Heartbeat.Information.Disclosure”. { http://www.fortigaurd.com/advisory/FG-IR-14-011/}

Online OpenSSL vulnerability checker
Reference