(ProxyAV is Affected) Blue Coat WinProxy Host Header Buffer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Device (Embedded Server/Appliance) > Blue Coat ProxyAV

Vendors: Blue Coat Systems

(ProxyAV is Affected) Blue Coat WinProxy Host Header Buffer Overflow Lets Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1015645

SecurityTracker URL: http://securitytracker.com/id/1015645

CVE Reference: CVE-2005-3187, CVE-2005-4085 (Links to External Site)

Date: Feb 17 2006

Impact: Denial of service via network, Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Description: iDEFENSE reported a vulnerability in Blue Coat WinProxy. A remote user can cause denial of service conditions. A remote user can also execute arbitrary code on the target system. ProxyAV is also affected.

A remote user can submit a specially crafted HTTP request that is approximately 32,768 bytes long to cause the WinProxy service to crash [CVE-2005-3187].

A remote user can submit a specially crafted HTTP header 'Host' parameter value to trigger a buffer overflow and execute arbitrary code on the target system [CVE-2005-4085].

The vendor was notified on October 12, 2005 [CVE-2005-3187] and December 7, 2005 [CVE-2005-4085].

The original advisories are available at:

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364

Impact: A remote user can execute arbitrary code on the target system.

A remote user can cause the target service to crash.

Solution: The vendor has issued a fixed version of ProxyAV (2.4.2.4), which is also affected by this vulnerability.

The vendor's advisory is available at:

http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html

Vendor URL: www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html (Links to External Site)

Cause: Boundary error

Underlying OS: Windows (Any)

Message History: This archive entry is a follow-up to the message listed below.

Blue Coat WinProxy Host Header Buffer Overflow Lets Remote Users Execute Arbitrary Code

Source Message Contents

Date: Fri, 17 Feb 2006 16:02:54 -0500
Subject: Host Header Stack Overflow Vulnerability



http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html

CVE-2005-4085

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC