Info

Last Modified

8 months ago

Percent Complete

Disclosure

Jan 05, 2006

Discovery

Dec 07, 2005

Dates

Exploit

Jan 07, 2006

Solution

Unknown

This Entry needs help! It is only 5% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Description

(Description Provided by CVE) : Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

Classification

Attack Type: Input Manipulation

Products

Unknown or Incomplete

References

Related OSVDB ID: 22237 22239
Generic Exploit URL: http://metasploit.com/projects/Framework/modules/exploits/bluecoat_winproxy.pm
Other Advisory URL: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364
Vendor Specific Advisory URL: http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.htm ......
Secunia Advisory ID: 18288 18909
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0176.html
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0259.html
CVE ID: 2005-4085 (see also: NVD)
Security Tracker: 1015441
Vendor URL: http://www.winproxy.com/

Tools & Filters

Nessus	20391 20393
Snort	5997

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches