Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker

Category:   Application (Security)  >   K9 Web Protection Vendors:   Blue Coat Systems
Blue Coat Systems K9 Web Protection Buffer Overflow May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1018210
SecurityTracker URL:
CVE Reference:   CVE-2007-1685   (Links to External Site)
Date:  Jun 8 2007
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): prior to 3.2.44
Description:   A vulnerability was reported in K9 Web Protection. A remote user can cause denial of service conditions and may be able to cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted URL that, when loaded by the target user, will trigger a buffer overflow and cause the service to crash or potentially execute arbitrary code.

A specially crafted URL for the localhost ( Web configuration manager on port 2372 can trigger the overflow.

The vendor was notified on April 4, 2007.

Dennis Rand of the CSIS Security Group ( discovered this vulnerability.

The original advisory is available at:

Impact:   A remote user can create a URL that, when loaded by the target user, may execute arbitrary code on the target user's system.
Solution:   The vendor has issued a fixed version (3.2.44).
Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:   Windows (2000), Windows (Vista), Windows (XP)

Message History:   None.

 Source Message Contents

Date:  Fri, 8 Jun 2007 09:02:48 +0200
Subject:  CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow

CSIS Security Group has discovered a remote exploitable arbitrary
overwrite, in the Blue Coat
K9 Web Protection local Web configuration manager on and port

This allows an attacker to perform at least a Denial of Service
condition, on the
usage of internet.

Since the overflow can result in an overwrite of both the return address
and SHE, remote code
execution is possible.

Another attack vector could also be privilege escalation on the local

The Full advisory can be downloaded at:

Best regards
Dennis Rand
Malware/Security Researcher
CSIS Security Group


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

Copyright 2015, LLC