CVE-2005-4085

Severity

75%

Complexity

99%

Confidentiality

106%

Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Blue Coat Systems

First reported 19 years ago

2005-12-31 05:00:00

Last updated 13 years ago

2011-03-08 02:27:00

Affected Software

Blue Coat Systems WebProxy 4.0a

4.0

Blue Coat Systems WebProxy 4.0b

4.0

Blue Coat Systems WebProxy 4.0c

4.0

Blue Coat Systems WebProxy 4.0 R1e

4.0

Blue Coat Systems WebProxy 4.0 R1f

4.0

Blue Coat Systems WebProxy 4.0 R1h

4.0

Blue Coat Systems WebProxy 4.0 R1k

4.0

Blue Coat Systems WebProxy 4.0 R1m

4.0

Blue Coat Systems WebProxy 4.0 R1n

4.0

Blue Coat Systems WebProxy 4.0 R1p

4.0

Blue Coat Systems WebProxy 5.0 R1a

5.0

Blue Coat Systems WebProxy 5.0 R1b

5.0

Blue Coat Systems WebProxy 5.0 R1c

5.0

Blue Coat Systems WebProxy 5.1 R1a

5.1

Blue Coat Systems WebProxy 5.1 R1d

5.1

Blue Coat Systems WebProxy 5.1 R1e

5.1

Blue Coat Systems WebProxy 5.2 R1a

5.2

Blue Coat Systems WebProxy 6.0 R1a

6.0

Blue Coat Systems WebProxy 6.0 R1c

6.0

Blue Coat Systems ProxyAV

References

http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html

Patch, Vendor Advisory

20060105 Blue Coat Systems WinProxy Host Header Stack Overflow Vulnerability