Full Disclosure mailing list archives
CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
From: "Dennis Rand" <rand () csis dk>
Date: Fri, 8 Jun 2007 08:59:50 +0200
CSIS Security Group has discovered a remote exploitable arbitrary overwrite, in the Blue Coat K9 Web Protection local Web configuration manager on 127.0.0.1 and port 2372. This allows an attacker to perform at least a Denial of Service condition, on the usage of internet. Since the overflow can result in an overwrite of both the return address and SHE, remote code execution is possible. Another attack vector could also be privilege escalation on the local machine. The Full advisory can be downloaded at: http://www.csis.dk/dk/forside/Bluecoat-k9.pdf Best regards Dennis Rand Malware/Security Researcher CSIS Security Group http://www.csis.dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Dennis Rand (Jun 07)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Valdis . Kletnieks (Jun 08)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Dennis Rand (Jun 08)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Jared DeMott (Jun 08)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Dennis Rand (Jun 08)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Jared DeMott (Jun 08)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Dennis Rand (Jun 08)
- Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow Valdis . Kletnieks (Jun 08)