36 matches found
EUVD-2002-1049
Malware in sbrugna...
Circle with Disney libbluecoat.so SSL TLD MITM Vulnerability(CVE-2017-2913)
Summary An exploitable vulnerability exists in filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...
SSL Visibility Appliance may generate illegal RST packets
Overview SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web...
JVN#91438377: SSL Visibility Appliance may generate illegal RST packets
SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web server behi...
Bluecoat ASG 6.6/CAS OS Command Injection Vulnerability Vulnerability
Blue Coat Advanced Secure Gateway ASG and Content Analysis System CAS are both products of Blue Coat Systems, Inc. ASG is a secure Web gateway appliance; CAS is a malware analysis system that integrates application whitelisting and dual anti-malware signature databases. CAS is a malware analysis...
Blue Coat Unified Agent < 4.1.3.151952 Certificate Validation MitM
The version of Blue Coat Unified Agent installed on the remote Windows host is prior to 4.1.3.151952. It is, therefore, affected by a man-in-the-middle MitM vulnerability due to improper validation of the Client Manager certificate. A MitM attacker can exploit this, via a specially crafted...
Blue Coat Systems ProxySG SGOS信息泄露漏洞
No description provided by source...
Blue Coat Systems ProxySG SGOS Information Disclosure Vulnerability
Blue Coat Systems ProxySG is a suite of secure Web gateway appliances from Blue Coat Systems, USA. The appliance provides user authentication, Web filtering, and data loss protection to control all Web traffic. A security vulnerability exists in the default configuration of SGOS in Blue Coat...
Multiple Blue Coat Systems SSL Visibility Appliance Product Session Fixation Vulnerabilities
Blue Coat Systems SSL Visibility Appliance SV800 and others are SSL visibility appliances from Blue Coat Systems, USA, that are at the heart of encrypted traffic management, providing visibility into SSL traffic and supporting the addition of SSL inspection capabilities to advanced threat...
Multiple Blue Coat Systems SSL Visibility Appliance Product Sensitive Information Vulnerabilities
Blue Coat Systems SSL Visibility Appliance SV800 and others are SSL visibility appliances from Blue Coat Systems, USA, which are at the heart of encrypted traffic management, providing visibility into SSL traffic and supporting the addition of SSL inspection capabilities to advanced threat...
GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow
Overview The nsshostnamedigitsdots function of the GNU C Library glibc allows a buffer overflow condition in which arbitrary code may be executed. This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name "GHOST". Description According to Qualys, the...
Blue Coat WinProxy Host Header Overflow
No description provided by source. $Id: bluecoatwinproxyhost.rb 9797 2010-07-12 23:25:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
300% Increase in malnets Attack in the past six months
Blue Coat systems has undertaken detailed research into the use of 'malnets' by criminals to help support their various attacks in order to uncover the best ways to take down these systems. Botnet infections are commonly spread though compromised websites seeded with malicious scripts and promote...
Blue Coat Reporter - Directory Traversal
Blue Coat Reporter - Directory Traversal Exploit Title: Blue Coat Reporter Unauthenticated Directory Traversal Author: nitr0us / http://twitter.com/nitr0usmx Software Link: http://www.bluecoat.com/products/reporter Version: 9.2.x - 9.1.x Tested on: Windows Server 2003 Standard Blue Coat Reporter...
Blue Coat Reporter 9.1.x / 9.2.x Directory Traversal
Blue Coat Reporter Unauthenticated Directory Traversal ================================================================================= PUBLIC RELEASE My gift to Ekoparty Security Conference 2011 @ Argentina What a great event! 21/Sept/2011 PUBLIC RELEASE Vulnerability Information...
Blue Coat WinProxy - Host Header Overflow (Metasploit)
$Id: bluecoatwinproxyhost.rb 9797 2010-07-12 23:25:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Blue Coat WinProxy Host Header Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Blue Coat...
Blue Coat K9 Web Protection HTTP响应栈溢出漏洞
BUGTRAQ ID: 30464 CVECAN ID: CVE-2007-2952 K9 Web Protection是家用电脑上所使用的内容过滤解决方案,允许用户控制可访问的Internet内容。 K9 Web Protection的过滤服务(k9filter.exe)没有正确地处理从中央服务器(sp.cwfservice.net)所返回的HTTP版本信息,如果远程攻击者劫持了发送给中央服务器的请求并重新定向到恶意服务的话,则包含有超长HTTP版本信息的响应就可以触发栈溢出,导致在用户系统上执行任意指令。 Blue Coat Systems K9 Web Protection...
Blue Coat K9 Web Protection Referer头栈溢出漏洞
BUGTRAQ ID: 30463 CVECAN ID: CVE-2007-2952 K9 Web Protection是家用电脑上所使用的内容过滤解决方案,允许用户控制可访问的Internet内容。 在访问基于Web的管理接口时K9 Web Protection的过滤服务(k9filter.exe)没有正确地处理Referer头。如果用户访问了恶意站点并向该接口返回了超长的Referer头,就可以触发栈溢出,导致执行任意指令。 Blue Coat Systems K9 Web Protection 3.2.44 Blue Coat Systems -----------------...
Deterministic Network Extender 'dne2000.sys' Local Privilege Escalation
A kernel driver from Deterministic Network Extender DNE is installed on the remote host. DNE is typically packaged with third-party applications and is reportedly included with : - SafeNet HighAssurance Remote and SoftRemote - Cisco VPN Client - Blue Coat Systems WinProxy The installed version of...