Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
From: "Dennis Rand" <rand () csis dk>
Date: Fri, 8 Jun 2007 20:57:22 +0200

Hey Jared 


It does not matter when what was discovered as long as it got fixed J


Best regards



Fra: Jared DeMott [mailto:demottja () msu edu] 
Sendt: 8. juni 2007 19:04
Til: Dennis Rand
Cc: full-disclosure () lists grok org uk
Emne: Re: [Full-disclosure] CSIS Advisory: BlueCoat K9 Web Protection
3.2.36 Overflow


Dennis Rand wrote: 

CSIS Security Group has discovered a remote exploitable arbitrary
overwrite, in the Blue Coat
K9 Web Protection local Web configuration manager on and port

Justin Seitz of VDA Labs (www.vdalabs.com) already found this bug.
Here's the CVE: CVE-2007-1783.

 They had so many bugs, they're rolling this issue and more into the
next release.

We have a working PoC, and believe it could be transformed into remote
via embedded link.  For example:
<SCRIPT SRC="<buffer here>


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]