HTTP: Blue Coat Administrator Account Escalation
This signature detects attempts to exploit a known vulnerability against Blue Coat proxy appliance. Blue Coat Reporter 7.1.1.1 and earlier can be vulnerable. Attackers can create a malicious administrative account by crafting a HTTP request, which might allow them to gain control of the affected system with elevated privileges.
Extended Description
Blue Coat Reporter is prone to a remote privilege escalation vulnerability. This issue is due to a failure in the application to properly authenticate a user prior to permitting access to administrator functions. A remote authenticated user can manipulate the form for adding new users and create a new user with administrator access. The vendor has addressed this issue in the upcoming version 7.1.2 of the application.
Affected Products
Blue_coat_systems blue_coat_reporter
References
BugTraq: 13723
CVE: CVE-2005-1708
URL: http://www.governmentsecurity.org/archive/t14881.html http://marc.info/?l=bugtraq&m=111695726810435&w=2
Short Name
HTTP:MISC:BLUECOAT-ADMIN
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Account Administrator Blue CVE-2005-1708 Coat Escalation bid:13723
Release Date
12/06/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Blue_coat_systems
CVSS Score
4.6