OpenSSL Vulnerabilities Sep 2019 – Apr 2020

Summary Symantec Web Security Group WSG products using affected versions of OpenSSL may be susceptible to multiple vulnerabilities. A local or remote attacker can obtain private key or other secret key information. A remote attacker can also cause denial of service. Affected Products The followin...

OpenSSL CVE-2019-1559 Information Disclosure Vulnerability

Description OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. OpenSSL 1.0.2 through 1.0.2q are vulnerable. Technologies Affected Bluecoat BCAAA 6.1 Bluecoat Mail Threat Defense 1...

SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...

SA157: OpenSSL Vulnerabilities 28-Aug-2017 and 2-Nov-2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can send a crafted X.509 certificate to cause unspecified impact. They can exploit, under certain circumstances, a computational flaw in the Montgomery...

SA123 : OpenSSL Vulnerabilities 3-May-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to intercept and decrypt TLS sessions, obtain arbitrary data from the target's memory stack, or execute arbitrary code through buffer...

SA117 : OpenSSL Vulnerabilities 1-Mar-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to decrypt live and recorded SSL sessions, cause denial of service through application crashes, and possibly execute arbitrary code. A...

SA111 : OpenSSL Vulnerabilities 28-Jan-2016

SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, and 0.9.8 are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to obtain ephemeral Diffie-Hellman DHE private key information and perform man-in-the-middle attacks on SSL/TLS...

SA98 : OpenSSL Security Advisory 11-June-2015

SUMMARY Blue Coat products using affected versions of OpenSSL 1.0.2, 1.0.1, 1.0.0, and 0.9.8 are vulnerable to multiple vulnerabilities. A remote attacker may exploit these vulnerabilities to cause a denial of service, memory corruption, application crash, or downgrade in the Diffie-Hellman...

Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow

No description provided by source. $Id: bcaaabof.rb 13137 2011-07-09 04:10:52Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2011-5124

Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port 16102/tcp...

CVE-2011-5124

Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port 16102/tcp...

Stack overflow

Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port 16102/tcp...

CVE-2011-5124

Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port 16102/tcp...

CVE-2011-5124

Summary (CVE-2011-5124) : A stack-based buffer overflow in the Blue Coat BCAAA component (pre-60258 builds) used by ProxySG 4.2.3–6.1 and ProxyOne allows remote code execution via a crafted 16102/tcp packet. AFFECTED: Blue Coat ProxySG/ProxyOne with BCAAA prior to build 60258. IMPACT: arbitrary c...

Blue Coat BCAAA Stack Buffer Overflow

A remote code execution vulnerability has been reported in Blue Coat Authentication and Authorization Agent BCAAA...

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability

======= Summary ======= Name: Blue Coat BCAAA Remote Code Execution Vulnerability Release Date: 5 July 2011 Reference: NGS00060 Discoverer: Paul Harrington [email protected] Vendor: Blue Coat Systems Inc Vendor Reference: 2-358686722 Systems Affected: All versions of BCAAA associated...