HTTP: Blue Coat Host Header Overflow

This signature detects attempts to exploit a known vulnerability against Blue Coat proxy appliance. Blue Coat Reporter 7.1.1.1 and earlier might be vulnerable. Attackers can craft a malicious HTTP request, which might allow them to gain control of the affected system with elevated privileges.

Extended Description

A remote buffer-overflow vulnerability affects Blue Coat Systems WinProxy because the application fails to properly validate the length of user-supplied strings before copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the vulnerable application. This may facilitate unauthorized access or privilege escalation. Blue Coat Systems WinProxy 6.0 is vulnerable to this issue; other versions may also be affected. Blue Coat Systems ProxyAV is also affected by this issue.

Affected Products

Blue_coat_systems proxyav,Blue_coat_systems webproxy

References

BugTraq: 16147

CVE: CVE-2005-4085

URL: http://securitytracker.com/alerts/2006/Jan/1015441.html http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html

Short Name

HTTP:MISC:BLUECOAT-HOST-HDR-OF

Severity

Major

Recommended

False

Recommended Action

None

HTTP: Blue Coat Host Header Overflow

Extended Description

Affected Products

References

Found a potential security threat?