[VIM] from: lists at bughunter.ca
security curmudgeon
jericho at attrition.org
Fri Jun 8 22:55:45 UTC 2007
From: J.M. Seitz <lists at bughunter.ca>
To: vim at attrition.org
Date: Fri, 8 Jun 2007 09:10:58 -0700
Subject: RE: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
Hey Guys,
I found this bug a few months ago, the vendor is working on a patch
(albeit slowly). Use CVE-2007-1783 for this one :)
JS
> -----Original Message-----
> From: Dennis Rand [mailto:rand at csis.dk]
> Sent: Friday, June 08, 2007 12:00 AM
> To: bugtraq at securityfocus.com
> Subject: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
>
> CSIS Security Group has discovered a remote exploitable
> arbitrary overwrite, in the Blue Coat
> K9 Web Protection local Web configuration manager on
> 127.0.0.1 and port 2372.
>
> This allows an attacker to perform at least a Denial of
> Service condition, on the usage of internet.
>
> Since the overflow can result in an overwrite of both the
> return address and SHE, remote code execution is possible.
>
> Another attack vector could also be privilege escalation on
> the local machine.
>
> The Full advisory can be downloaded at:
> http://www.csis.dk/dk/forside/Bluecoat-k9.pdf
>
>
> Best regards
> Dennis Rand
> Malware/Security Researcher
> CSIS Security Group
> http://www.csis.dk
More information about the VIM
mailing list