EUVD-2017-12054

Malware in sbrugna...

HTTP/HTTPS proxy support on NetScaler based on Traffic Policies Secure Web

This article describes how to configure NetScaler to proxy the traffic from MDX apps through a Proxy server like Squid, Bluecoat. Enterprises can proxy traffic configuring simple traffic rules on NetScaler box...

Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability

Description Linux Kernel is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Technologies Affected Bluecoat Mail Threat Defense 1.1 Bluecoat Malware Analysis Appliance 4.2 Bluecoat PacketShaper S-Series 11.10 Bluecoat...

OpenSSL CVE-2019-1559 Information Disclosure Vulnerability

Description OpenSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. OpenSSL 1.0.2 through 1.0.2q are vulnerable. Technologies Affected Bluecoat BCAAA 6.1 Bluecoat Mail Threat Defense 1...

OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability

Description OpenSSL is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks. Technologies Affected Bluecoat BCAAA 6.1 IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix 7.2 IBM DataPower Gateway...

Multiple CPU Hardware CVE-2017-5754 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Apple Mac Os X 10.11.6 Apple iOS 11.2 Apple macOS 10.12.6 Apple macOS 10.13.2 Apple tvOS...

CVE-2017-2913

An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

CVE-2017-2913

An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

Design/Logic Flaw

An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

CVE-2017-2913

CVE-2017-2913 affects Circle with Disney and specifically the libbluecoat.so SSL validation path. The TALOS/NVD entries describe an exploitable MITM-style issue where SSL certificates for certain domain names can cause the Blue Coat library to accept a different certificate than intended, enablin...

CVE-2017-2913

An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

Circle with Disney SSL TLD Man-in-the-Middle Attack Vulnerability (CNVD-2017-33188)

Circle with Disney is a set of network monitoring and management devices for monitoring children's online behavior from Circle Media, Inc. in the United States. An SSL TLD man-in-the-middle attack vulnerability exists in the filtering feature in Circle with Disney version 2.0.1. An attacker could...

Circle with Disney libbluecoat.so SSL TLD MITM Vulnerability

Summary An exploitable vulnerability exists in filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

U.S. Dept Of Defense: Gateway information leakage

Summary: Many DoD systems use BlueCoat gateways. These gateways insert unique BlueCoat ids that permit tracking DoD users and gaining insight into the DoD network architecture when DoD users access the Internet. Description: I run a popular web service FotoForensics.com -- it's around 150,000 in...

Domain Hunter - Checks Expired Domains, Bluecoat Categorization, And Archive.Org History To Determine Good Candidates For Phishing

Domain name selection is an important aspect of preparation for penetration tests and especially Red Team engagements. Commonly, domains that were used previously for benign purposes and were properly categorized can be purchased for only a few dollars. Such domains can allow a team to bypass...

Bluecoat ASG 6.6/CAS 1.3 - Privilege Escalation Exploit

Exploit for linux platform in category local exploits Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Vendor Security Advisory: https://bto.bluecoat.com/security-advisory/sa138 Version: CAS...

Bluecoat ASG 6.6/CAS 1.3 - OS Command Injection Exploit

Exploit for linux platform in category remote exploits Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Vendor Security Advisory: https://bto.bluecoat.com/security-advisory/sa138 Version: CAS...

BlueCoat CAS 1.3.7.1 Privilege Escalation

Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory: https://bto.bluecoat.com/security-advisory/sa138 Version: CAS 1.3 prior to 1.3.7.4 ...

Bluecoat ASG 6.6/CAS 1.3 - OS Command Injection (Metasploit)

Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory: https://bto.bluecoat.com/security-advisory/sa138 Version: CAS 1.3 prior to 1.3.7.4 ...

Bluecoat ASG 6.6CAS 1.3 - OS Command Injection (Metasploit)

Bluecoat ASG 6.6CAS 1.3 - OS Command Injection Metasploit Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory:...