CVE-2007-1685 - Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions be

CVE-2007-1685

Summary

Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 2372.

References

Vulnerable Configurations

cpe:2.3:a:bluecoat:k9_web_protection:3.2.36:*:*:*:*:*:*:*
cpe:2.3:a:bluecoat:k9_web_protection:3.2.36:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 16-10-2018 - 16:40)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	24373
bugtraq	20070608 CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
cert-vn	VU#271601
fulldisc	20070608 CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow 20070608 Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
misc	http://www.csis.dk/dk/forside/Bluecoat-k9.pdf
osvdb	37186
sectrack	1018210
secunia	25593
vupen	ADV-2007-2104
xf	bluecoat-management-interface-bo(34773)

Last major update

16-10-2018 - 16:40

Published

08-06-2007 - 20:30

Last modified

16-10-2018 - 16:40