EUVD-2015-2942

Malware in sbrugna...

EUVD-2015-0946

Malware in sbrugna...

CVE-2011-5124

Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port 16102/tcp...

Blue Coat ASG Command Injection (CVE-2016-9091)

A command execution vulnerability exists in Blue Coat Advanced Secure Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Symantec (Blue Coat) Reporter UI Information Disclosure Vulnerability (SYMSA1489)

According to its self-reported version number, the Symantec formerly Blue Coat Reporter installation running on the remote host is 10.3 prior to 10.3.2.5. It is, therefore, affected by an information disclosure vulnerability. An authenticated attacker with Reporter UI access can obtain passwords...

Symantec (Blue Coat) Reporter Denial of Service vulnerability (SYMSA1280)

According to its self-reported version number, the Symantec formerly Blue Coat Reporter installation running on the remote host is prior to 10.3.1.1. It is, therefore, is affected by a denial of service vulnerability. The SSL/TLS implementation on the remote host allows clients to renegotiate...

Symantec (Blue Coat) Reporter CLI OS Command Injection Vulnerability (SYMSA1465)

According to its self-reported version number, the Symantec formerly Blue Coat Reporter installation running on the remote host is 10.1 prior to 10.1.5.6 or 10.2 prior to 10.2.1.8. It is, therefore, affected by an OS command injection vulnerability. An authenticated attacker with Enable mode...

Symantec (Blue Coat) Reporter Multiple Vulnerabilities (SA158)

According to its self-reported version number, the Symantec formerly Blue Coat Reporter installation running on the remote host is 9.5 prior to 9.5.4.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not attempted to exploit these issues but has instead relied only o...

CVE-2015-4523

Blue Coat Malware Analysis Appliance MAA before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service host reboot or reset to factory defaults, or execute arbitrary code via vector...

CVE-2015-4523

The CVE-2015-4523 issue affects the Blue Coat Malware Analysis Appliance (MAA) and Malware Analyzer G2. A vulnerability allows a VM-escaped sample to bypass VM protections and write to the host file system, potentially overwriting files and causing a reboot or factory reset; in some cases it coul...

CVE-2016-6594

Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning...

CVE-2016-6594

Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning...

CVE-2016-6594

The CVE-2016-6594 entry affects Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, and ProxySG 6.5/6.6. Description details a Security Control Bypass: when server hostname is unavailable, the products perform a reverse DNS (RDNS) lookup on the server IP to resolve a hostname. Depending on poli...

CVE-2016-9091

Blue Coat Advanced Secure Gateway ASG 6.6 before 6.6.5.4 and Content Analysis System CAS 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges...

CVE-2016-9091

CVE-2016-9091 affects Blue Coat ASG 6.6 (pre-6.6.5.4) and CAS 1.3 (pre-1.3.7.4). The issue is an OS command injection allowing an authenticated administrator to run arbitrary commands with elevated privileges, including root via the mvtroubleshooting.sh script (per Seebug and related advisories)....

SA144 : OpenSSH Vulnerabilities January 2017

SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker with access to an SSH server can exploit these vulnerabilities to execute arbitrary code on an SSH client. A local attacker can also exploit these vulnerabilities to obtain...

SA137 : NSS Vulnerabilities

SUMMARY Blue Coat products using affected versions of NSS are susceptible to several vulnerabilities. A remote attacker can exploit these vulnerabilities to obtain private Diffie-Hellman DH keys, cause denial of service through application crashes, or possibly execute arbitrary code. AFFECTED...

Code injection

A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance ASA 5500-X Series with FirePOWER...

SA136 : OpenSSH Vulnerabilities

SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to enumerate existing user accounts and cause denial of service through excessive CPU consumption...

SA134 : Linux Kernel Vulnerabilities Oct/Nov 2016

SUMMARY Blue Coat products that include a vulnerable version of the Linux kernel are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to cause denial of service through system crashes or have unspecified other...