MidnightBSD

Advisories for bluecoat

CVE-2002-1060 MEDIUM

Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat cacheos 3.1.18
bluecoat cacheos 4.0.11
bluecoat cacheos 4.0.12
bluecoat cacheos 3.1.21
bluecoat cacheos 4.0.13
bluecoat cacheos 4.1.6
bluecoat cacheos 4.0
bluecoat cacheos 3.1.19
bluecoat cacheos 4.0.14
bluecoat cacheos 3.1.17
CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
novell edirectory 8.6.2
avaya sg203 4.4
cisco ios 12.2(14)sy
openssl openssl 0.9.7c
lite speed_technologies_litespeed_web_server 1.1.1
cisco pix_firewall_software 6.0
sgi propack 3.0
sco openserver 5.0.6
avaya intuity_audix 5.1.46
tarantella tarantella_enterprise 3.20
avaya vsu 7500_r2.0.1
sgi propack 2.3
avaya sg203 4.31.29
vmware gsx_server 3.0_build_7592
avaya vsu 5
cisco webns 7.1_0.1.02
stonesoft stonegate_vpn_client 1.7
cisco pix_firewall_software 6.3(3.102)
cisco firewall_services_module 2.1_(0.208)
neoteris instant_virtual_extranet 3.1
lite speed_technologies_litespeed_web_server 1.2.2
avaya s8700 r2.0.1
cisco pix_firewall_software 6.0(2)
stonesoft stonebeat_webcluster 2.0
cisco pix_firewall_software 6.0(4.101)
vmware gsx_server 2.0
vmware gsx_server 2.5.1_build_5336
hp apache-based_web_server 2.0.43.04
cisco firewall_services_module 1.1.3
stonesoft stonegate_vpn_client 2.0.8
redhat openssl 0.9.6-15
cisco pix_firewall_software 6.3(3.109)
checkpoint firewall-1 2.0
openssl openssl 0.9.7b
4d webstar 5.2.3
sgi propack 2.4
lite speed_technologies_litespeed_web_server 1.2_rc1
openbsd openbsd 3.3
avaya intuity_audix *
cisco webns 7.10_.0.06s
cisco firewall_services_module 1.1.2
bluecoat cacheos_ca_sa 4.1.10
symantec clientless_vpn_gateway_4400 5.0
checkpoint vpn-1 next_generation_fp0
cisco ios 12.2sy
cisco css_secure_content_accelerator 2.0
cisco pix_firewall_software 6.1(2)
stonesoft stonegate 2.2.1
securecomputing sidewinder 5.2.0.04
cisco application_and_content_networking_software *
cisco gss_4480_global_site_selector *
stonesoft servercluster 2.5.2
securecomputing sidewinder 5.2.1.02
hp apache-based_web_server 2.0.43.00
avaya s8700 r2.0.0
lite speed_technologies_litespeed_web_server 1.0.1
tarantella tarantella_enterprise 3.40
redhat linux 8.0
stonesoft stonegate 2.0.5
openssl openssl 0.9.6j
cisco pix_firewall 6.2.2_.111
redhat linux 7.2
stonesoft stonebeat_fullcluster 1_3.0
novell edirectory 8.7.1
stonesoft stonegate 2.0.8
neoteris instant_virtual_extranet 3.3
freebsd freebsd 4.8
novell edirectory 8.7
cisco pix_firewall_software 6.0(3)
cisco css11000_content_services_switch *
stonesoft stonegate 2.0.9
redhat openssl 0.9.6b-3
hp hp-ux 11.00
hp wbem a.02.00.01
novell imanager 2.0
hp hp-ux 8.05
avaya vsu 500
cisco webns 6.10_b4
novell edirectory 8.5.27
neoteris instant_virtual_extranet 3.2
avaya converged_communications_server 2.0
cisco pix_firewall_software 6.1
stonesoft stonegate 2.2
securecomputing sidewinder 5.2.0.03
cisco ios 12.1(11b)e14
stonesoft stonegate 2.0.4
redhat enterprise_linux 3.0
vmware gsx_server 2.0.1_build_2129
lite speed_technologies_litespeed_web_server 1.3
avaya s8500 r2.0.1
cisco ios 12.2za
cisco ciscoworks_common_management_foundation 2.1
stonesoft stonegate 2.0.7
cisco pix_firewall_software 6.0(4)
cisco pix_firewall_software 6.1(4)
securecomputing sidewinder 5.2.1
dell bsafe_ssl-j 3.0.1
avaya sg200 4.4
4d webstar 5.2.4
cisco pix_firewall_software 6.1(5)
checkpoint vpn-1 next_generation_fp1
avaya s8500 r2.0.0
stonesoft stonebeat_webcluster 2.5
stonesoft stonegate 2.0.6
bluecoat cacheos_ca_sa 4.1.12
4d webstar 5.3.1
stonesoft stonebeat_fullcluster 1_2.0
stonesoft stonebeat_fullcluster 3.0
cisco pix_firewall_software 6.2(3.100)
lite speed_technologies_litespeed_web_server 1.3_rc1
securecomputing sidewinder 5.2.0.01
novell edirectory 8.5.12a
cisco ios 12.1(19)e1
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.3(1)
cisco call_manager *
stonesoft stonegate 1.7.1
securecomputing sidewinder 5.2
sco openserver 5.0.7
stonesoft stonegate 2.1
bluecoat proxysg *
sun crypto_accelerator_4000 1.0
stonesoft stonegate 1.5.18
avaya intuity_audix s3210
stonesoft stonegate_vpn_client 1.7.2
stonesoft stonegate 2.0.1
openssl openssl 0.9.6i
openssl openssl 0.9.6c
avaya vsu 100_r2.0.1
lite speed_technologies_litespeed_web_server 1.0.3
avaya sg5 4.4
vmware gsx_server 2.5.1
cisco content_services_switch_11500 *
openssl openssl 0.9.6f
hp hp-ux 11.23
avaya vsu 5000_r2.0.1
hp aaa_server *
hp wbem a.02.00.00
stonesoft stonegate 2.2.4
avaya intuity_audix s3400
checkpoint firewall-1 next_generation_fp2
cisco threat_response *
cisco ios 12.2(14)sy1
openssl openssl 0.9.6g
4d webstar 5.2.1
cisco webns 7.10
cisco ciscoworks_common_services 2.2
stonesoft stonegate 1.6.2
openssl openssl 0.9.6d
apple mac_os_x_server 10.3.3
cisco webns 6.10
cisco okena_stormwatch 3.2
cisco pix_firewall_software 6.1(3)
4d webstar 5.2.2
checkpoint vpn-1 next_generation_fp2
redhat openssl 0.9.7a-2
cisco pix_firewall_software 6.3(2)
cisco mds_9000 *
stonesoft stonegate_vpn_client 2.0
freebsd freebsd 5.1
openssl openssl 0.9.7a
4d webstar 5.2
novell edirectory 8.0
redhat enterprise_linux_desktop 3.0
cisco ios 12.1(11b)e12
stonesoft stonebeat_securitycluster 2.0
avaya sg208 *
neoteris instant_virtual_extranet 3.3.1
cisco pix_firewall_software 6.2(1)
lite speed_technologies_litespeed_web_server 1.2.1
checkpoint firewall-1 next_generation_fp1
cisco ios 12.1(11)e
lite speed_technologies_litespeed_web_server 1.0.2
hp wbem a.01.05.08
stonesoft stonegate 1.5.17
avaya vsu 10000_r2.0.1
cisco pix_firewall_software 6.1(1)
avaya sg200 4.31.29
avaya sg5 4.2
lite speed_technologies_litespeed_web_server 1.1
cisco pix_firewall_software 6.2
cisco css_secure_content_accelerator 1.0
cisco firewall_services_module *
dell bsafe_ssl-j 3.1
stonesoft stonegate 1.7
stonesoft stonegate_vpn_client 2.0.9
lite speed_technologies_litespeed_web_server 1.3_rc3
stonesoft stonegate_vpn_client 2.0.7
lite speed_technologies_litespeed_web_server 1.3.1
avaya sg208 4.4
freebsd freebsd 4.9
novell imanager 1.5
checkpoint firewall-1 *
openssl openssl 0.9.6k
stonesoft stonebeat_securitycluster 2.5
cisco secure_content_accelerator 10000
openssl openssl 0.9.6h
avaya s8300 r2.0.0
4d webstar 5.3
checkpoint provider-1 4.1
cisco pix_firewall_software 6.0(1)
openssl openssl 0.9.6e
stonesoft stonegate 1.7.2
novell edirectory 8.5
cisco pix_firewall_software 6.3
cisco access_registrar *
checkpoint firewall-1 next_generation_fp0
stonesoft stonebeat_fullcluster 2.0
avaya vsu 5x
cisco ios 12.1(11b)e
avaya sg5 4.3
cisco webns 7.1_0.2.06
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonegate 1.6.3
cisco gss_4490_global_site_selector *
4d webstar 4.0
avaya vsu 2000_r2.0.1
openbsd openbsd 3.4
cisco webns 7.2_0.0.03
avaya s8300 r2.0.1
freebsd freebsd 5.2
neoteris instant_virtual_extranet 3.0
cisco ios 12.1(13)e9
hp hp-ux 11.11
tarantella tarantella_enterprise 3.30
cisco firewall_services_module 1.1_(3.005)
lite speed_technologies_litespeed_web_server 1.3_rc2
stonesoft servercluster 2.5
freebsd freebsd 5.2.1
stonesoft stonebeat_fullcluster 2.5
openssl openssl 0.9.7
cisco pix_firewall_software 6.2(2)
cisco pix_firewall_software 6.2(3)
checkpoint vpn-1 vsx_ng_with_application_intelligence
redhat linux 7.3
dell bsafe_ssl-j 3.0
apple mac_os_x 10.3.3
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell edirectory 8.6.2
avaya sg203 4.4
cisco ios 12.2(14)sy
openssl openssl 0.9.7c
lite speed_technologies_litespeed_web_server 1.1.1
cisco pix_firewall_software 6.0
sgi propack 3.0
sco openserver 5.0.6
avaya intuity_audix 5.1.46
tarantella tarantella_enterprise 3.20
avaya vsu 7500_r2.0.1
sgi propack 2.3
avaya sg203 4.31.29
vmware gsx_server 3.0_build_7592
avaya vsu 5
cisco webns 7.1_0.1.02
stonesoft stonegate_vpn_client 1.7
cisco pix_firewall_software 6.3(3.102)
cisco firewall_services_module 2.1_(0.208)
neoteris instant_virtual_extranet 3.1
lite speed_technologies_litespeed_web_server 1.2.2
avaya s8700 r2.0.1
cisco pix_firewall_software 6.0(2)
stonesoft stonebeat_webcluster 2.0
cisco pix_firewall_software 6.0(4.101)
vmware gsx_server 2.0
vmware gsx_server 2.5.1_build_5336
hp apache-based_web_server 2.0.43.04
cisco firewall_services_module 1.1.3
stonesoft stonegate_vpn_client 2.0.8
redhat openssl 0.9.6-15
cisco pix_firewall_software 6.3(3.109)
checkpoint firewall-1 2.0
openssl openssl 0.9.7b
4d webstar 5.2.3
sgi propack 2.4
lite speed_technologies_litespeed_web_server 1.2_rc1
openbsd openbsd 3.3
avaya intuity_audix *
cisco webns 7.10_.0.06s
cisco firewall_services_module 1.1.2
bluecoat cacheos_ca_sa 4.1.10
symantec clientless_vpn_gateway_4400 5.0
checkpoint vpn-1 next_generation_fp0
cisco ios 12.2sy
cisco css_secure_content_accelerator 2.0
cisco pix_firewall_software 6.1(2)
stonesoft stonegate 2.2.1
securecomputing sidewinder 5.2.0.04
cisco application_and_content_networking_software *
cisco gss_4480_global_site_selector *
stonesoft servercluster 2.5.2
securecomputing sidewinder 5.2.1.02
hp apache-based_web_server 2.0.43.00
avaya s8700 r2.0.0
lite speed_technologies_litespeed_web_server 1.0.1
tarantella tarantella_enterprise 3.40
redhat linux 8.0
stonesoft stonegate 2.0.5
openssl openssl 0.9.6j
cisco pix_firewall 6.2.2_.111
redhat linux 7.2
stonesoft stonebeat_fullcluster 1_3.0
novell edirectory 8.7.1
stonesoft stonegate 2.0.8
neoteris instant_virtual_extranet 3.3
freebsd freebsd 4.8
novell edirectory 8.7
cisco pix_firewall_software 6.0(3)
cisco css11000_content_services_switch *
stonesoft stonegate 2.0.9
redhat openssl 0.9.6b-3
hp hp-ux 11.00
hp wbem a.02.00.01
novell imanager 2.0
hp hp-ux 8.05
avaya vsu 500
cisco webns 6.10_b4
novell edirectory 8.5.27
neoteris instant_virtual_extranet 3.2
avaya converged_communications_server 2.0
cisco pix_firewall_software 6.1
stonesoft stonegate 2.2
securecomputing sidewinder 5.2.0.03
cisco ios 12.1(11b)e14
stonesoft stonegate 2.0.4
redhat enterprise_linux 3.0
vmware gsx_server 2.0.1_build_2129
lite speed_technologies_litespeed_web_server 1.3
avaya s8500 r2.0.1
cisco ios 12.2za
cisco ciscoworks_common_management_foundation 2.1
stonesoft stonegate 2.0.7
cisco pix_firewall_software 6.0(4)
cisco pix_firewall_software 6.1(4)
securecomputing sidewinder 5.2.1
dell bsafe_ssl-j 3.0.1
avaya sg200 4.4
4d webstar 5.2.4
cisco pix_firewall_software 6.1(5)
checkpoint vpn-1 next_generation_fp1
avaya s8500 r2.0.0
stonesoft stonebeat_webcluster 2.5
stonesoft stonegate 2.0.6
bluecoat cacheos_ca_sa 4.1.12
4d webstar 5.3.1
stonesoft stonebeat_fullcluster 1_2.0
stonesoft stonebeat_fullcluster 3.0
cisco pix_firewall_software 6.2(3.100)
lite speed_technologies_litespeed_web_server 1.3_rc1
securecomputing sidewinder 5.2.0.01
novell edirectory 8.5.12a
cisco ios 12.1(19)e1
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.3(1)
cisco call_manager *
stonesoft stonegate 1.7.1
securecomputing sidewinder 5.2
sco openserver 5.0.7
stonesoft stonegate 2.1
bluecoat proxysg *
sun crypto_accelerator_4000 1.0
stonesoft stonegate 1.5.18
avaya intuity_audix s3210
stonesoft stonegate_vpn_client 1.7.2
stonesoft stonegate 2.0.1
openssl openssl 0.9.6i
openssl openssl 0.9.6c
avaya vsu 100_r2.0.1
lite speed_technologies_litespeed_web_server 1.0.3
avaya sg5 4.4
vmware gsx_server 2.5.1
cisco content_services_switch_11500 *
openssl openssl 0.9.6f
hp hp-ux 11.23
avaya vsu 5000_r2.0.1
hp aaa_server *
hp wbem a.02.00.00
stonesoft stonegate 2.2.4
avaya intuity_audix s3400
checkpoint firewall-1 next_generation_fp2
cisco threat_response *
cisco ios 12.2(14)sy1
openssl openssl 0.9.6g
4d webstar 5.2.1
cisco webns 7.10
cisco ciscoworks_common_services 2.2
stonesoft stonegate 1.6.2
openssl openssl 0.9.6d
apple mac_os_x_server 10.3.3
cisco webns 6.10
cisco okena_stormwatch 3.2
cisco pix_firewall_software 6.1(3)
4d webstar 5.2.2
redhat openssl 0.9.7a-2
cisco pix_firewall_software 6.3(2)
cisco mds_9000 *
stonesoft stonegate_vpn_client 2.0
freebsd freebsd 5.1
openssl openssl 0.9.7a
4d webstar 5.2
novell edirectory 8.0
redhat enterprise_linux_desktop 3.0
cisco ios 12.1(11b)e12
stonesoft stonebeat_securitycluster 2.0
avaya sg208 *
neoteris instant_virtual_extranet 3.3.1
cisco pix_firewall_software 6.2(1)
lite speed_technologies_litespeed_web_server 1.2.1
checkpoint firewall-1 next_generation_fp1
cisco ios 12.1(11)e
lite speed_technologies_litespeed_web_server 1.0.2
hp wbem a.01.05.08
stonesoft stonegate 1.5.17
avaya vsu 10000_r2.0.1
cisco pix_firewall_software 6.1(1)
avaya sg200 4.31.29
avaya sg5 4.2
lite speed_technologies_litespeed_web_server 1.1
cisco pix_firewall_software 6.2
cisco css_secure_content_accelerator 1.0
cisco firewall_services_module *
dell bsafe_ssl-j 3.1
stonesoft stonegate 1.7
stonesoft stonegate_vpn_client 2.0.9
lite speed_technologies_litespeed_web_server 1.3_rc3
stonesoft stonegate_vpn_client 2.0.7
lite speed_technologies_litespeed_web_server 1.3.1
avaya sg208 4.4
freebsd freebsd 4.9
novell imanager 1.5
checkpoint firewall-1 *
openssl openssl 0.9.6k
stonesoft stonebeat_securitycluster 2.5
cisco secure_content_accelerator 10000
openssl openssl 0.9.6h
avaya s8300 r2.0.0
4d webstar 5.3
checkpoint provider-1 4.1
cisco pix_firewall_software 6.0(1)
openssl openssl 0.9.6e
stonesoft stonegate 1.7.2
novell edirectory 8.5
checkpoint vpn-1 next_generation
cisco pix_firewall_software 6.3
cisco access_registrar *
checkpoint firewall-1 next_generation_fp0
stonesoft stonebeat_fullcluster 2.0
avaya vsu 5x
cisco ios 12.1(11b)e
avaya sg5 4.3
cisco webns 7.1_0.2.06
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonegate 1.6.3
cisco gss_4490_global_site_selector *
4d webstar 4.0
avaya vsu 2000_r2.0.1
openbsd openbsd 3.4
cisco webns 7.2_0.0.03
avaya s8300 r2.0.1
freebsd freebsd 5.2
neoteris instant_virtual_extranet 3.0
cisco ios 12.1(13)e9
hp hp-ux 11.11
tarantella tarantella_enterprise 3.30
cisco firewall_services_module 1.1_(3.005)
lite speed_technologies_litespeed_web_server 1.3_rc2
stonesoft servercluster 2.5
freebsd freebsd 5.2.1
stonesoft stonebeat_fullcluster 2.5
openssl openssl 0.9.7
cisco pix_firewall_software 6.2(2)
cisco pix_firewall_software 6.2(3)
checkpoint vpn-1 vsx_ng_with_application_intelligence
redhat linux 7.3
dell bsafe_ssl-j 3.0
apple mac_os_x 10.3.3
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
novell edirectory 8.6.2
avaya sg203 4.4
cisco ios 12.2(14)sy
openssl openssl 0.9.7c
cisco pix_firewall_software 6.0
sgi propack 3.0
sco openserver 5.0.6
avaya intuity_audix 5.1.46
tarantella tarantella_enterprise 3.20
avaya vsu 7500_r2.0.1
sgi propack 2.3
avaya sg203 4.31.29
vmware gsx_server 3.0_build_7592
avaya vsu 5
forcepoint stonegate 2.2
cisco webns 7.1_0.1.02
forcepoint stonegate 2.0.6
cisco pix_firewall_software 6.3(3.102)
cisco firewall_services_module 2.1_(0.208)
neoteris instant_virtual_extranet 3.1
avaya s8700 r2.0.1
cisco pix_firewall_software 6.0(2)
stonesoft stonebeat_webcluster 2.0
cisco pix_firewall_software 6.0(4.101)
vmware gsx_server 2.0
vmware gsx_server 2.5.1_build_5336
hp apache-based_web_server 2.0.43.04
cisco firewall_services_module 1.1.3
redhat openssl 0.9.6-15
cisco pix_firewall_software 6.3(3.109)
checkpoint firewall-1 2.0
openssl openssl 0.9.7b
4d webstar 5.2.3
sgi propack 2.4
openbsd openbsd 3.3
avaya intuity_audix *
cisco webns 7.10_.0.06s
cisco firewall_services_module 1.1.2
bluecoat cacheos_ca_sa 4.1.10
symantec clientless_vpn_gateway_4400 5.0
checkpoint vpn-1 next_generation_fp0
cisco ios 12.2sy
cisco css_secure_content_accelerator 2.0
cisco pix_firewall_software 6.1(2)
securecomputing sidewinder 5.2.0.04
cisco application_and_content_networking_software *
cisco gss_4480_global_site_selector *
stonesoft servercluster 2.5.2
securecomputing sidewinder 5.2.1.02
hp apache-based_web_server 2.0.43.00
avaya s8700 r2.0.0
tarantella tarantella_enterprise 3.40
redhat linux 8.0
openssl openssl 0.9.6j
cisco pix_firewall 6.2.2_.111
forcepoint stonegate 2.0.7
redhat linux 7.2
stonesoft stonebeat_fullcluster 1_3.0
novell edirectory 8.7.1
neoteris instant_virtual_extranet 3.3
freebsd freebsd 4.8
novell edirectory 8.7
cisco pix_firewall_software 6.0(3)
cisco css11000_content_services_switch *
redhat openssl 0.9.6b-3
hp hp-ux 11.00
hp wbem a.02.00.01
novell imanager 2.0
hp hp-ux 8.05
avaya vsu 500
cisco webns 6.10_b4
novell edirectory 8.5.27
neoteris instant_virtual_extranet 3.2
avaya converged_communications_server 2.0
cisco pix_firewall_software 6.1
securecomputing sidewinder 5.2.0.03
cisco ios 12.1(11b)e14
redhat enterprise_linux 3.0
vmware gsx_server 2.0.1_build_2129
avaya s8500 r2.0.1
cisco ios 12.2za
cisco ciscoworks_common_management_foundation 2.1
cisco pix_firewall_software 6.0(4)
cisco pix_firewall_software 6.1(4)
securecomputing sidewinder 5.2.1
dell bsafe_ssl-j 3.0.1
avaya sg200 4.4
4d webstar 5.2.4
cisco pix_firewall_software 6.1(5)
checkpoint vpn-1 next_generation_fp1
avaya s8500 r2.0.0
stonesoft stonebeat_webcluster 2.5
bluecoat cacheos_ca_sa 4.1.12
4d webstar 5.3.1
stonesoft stonebeat_fullcluster 1_2.0
stonesoft stonebeat_fullcluster 3.0
cisco pix_firewall_software 6.2(3.100)
securecomputing sidewinder 5.2.0.01
novell edirectory 8.5.12a
cisco ios 12.1(19)e1
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.3(1)
cisco call_manager *
securecomputing sidewinder 5.2
sco openserver 5.0.7
bluecoat proxysg *
sun crypto_accelerator_4000 1.0
avaya intuity_audix s3210
openssl openssl 0.9.6i
openssl openssl 0.9.6c
avaya vsu 100_r2.0.1
forcepoint stonegate 2.0.4
forcepoint stonegate 2.1
avaya sg5 4.4
vmware gsx_server 2.5.1
cisco content_services_switch_11500 *
openssl openssl 0.9.6f
hp hp-ux 11.23
avaya vsu 5000_r2.0.1
forcepoint stonegate 2.0.1
hp aaa_server *
hp wbem a.02.00.00
forcepoint stonegate 1.6.3
avaya intuity_audix s3400
forcepoint stonegate 2.0.5
checkpoint firewall-1 next_generation_fp2
cisco threat_response *
cisco ios 12.2(14)sy1
openssl openssl 0.9.6g
4d webstar 5.2.1
cisco webns 7.10
cisco ciscoworks_common_services 2.2
openssl openssl 0.9.6d
apple mac_os_x_server 10.3.3
cisco webns 6.10
cisco okena_stormwatch 3.2
cisco pix_firewall_software 6.1(3)
4d webstar 5.2.2
checkpoint vpn-1 next_generation_fp2
redhat openssl 0.9.7a-2
cisco pix_firewall_software 6.3(2)
cisco mds_9000 *
freebsd freebsd 5.1
openssl openssl 0.9.7a
4d webstar 5.2
novell edirectory 8.0
redhat enterprise_linux_desktop 3.0
forcepoint stonegate 2.0.9
cisco ios 12.1(11b)e12
stonesoft stonebeat_securitycluster 2.0
avaya sg208 *
neoteris instant_virtual_extranet 3.3.1
cisco pix_firewall_software 6.2(1)
checkpoint firewall-1 next_generation_fp1
forcepoint stonegate 1.7
cisco ios 12.1(11)e
hp wbem a.01.05.08
forcepoint stonegate 1.7.2
avaya vsu 10000_r2.0.1
cisco pix_firewall_software 6.1(1)
avaya sg200 4.31.29
avaya sg5 4.2
cisco pix_firewall_software 6.2
cisco css_secure_content_accelerator 1.0
forcepoint stonegate 1.5.17
cisco firewall_services_module *
forcepoint stonegate 2.2.4
dell bsafe_ssl-j 3.1
avaya sg208 4.4
freebsd freebsd 4.9
novell imanager 1.5
checkpoint firewall-1 *
openssl openssl 0.9.6k
stonesoft stonebeat_securitycluster 2.5
cisco secure_content_accelerator 10000
openssl openssl 0.9.6h
avaya s8300 r2.0.0
4d webstar 5.3
checkpoint provider-1 4.1
cisco pix_firewall_software 6.0(1)
openssl openssl 0.9.6e
forcepoint stonegate 1.6.2
novell edirectory 8.5
litespeedtech litespeed_web_server 1.0.1
forcepoint stonegate 1.7.1
cisco pix_firewall_software 6.3
cisco access_registrar *
checkpoint firewall-1 next_generation_fp0
stonesoft stonebeat_fullcluster 2.0
avaya vsu 5x
cisco ios 12.1(11b)e
avaya sg5 4.3
cisco webns 7.1_0.2.06
cisco gss_4490_global_site_selector *
4d webstar 4.0
avaya vsu 2000_r2.0.1
openbsd openbsd 3.4
cisco webns 7.2_0.0.03
avaya s8300 r2.0.1
freebsd freebsd 5.2
neoteris instant_virtual_extranet 3.0
cisco ios 12.1(13)e9
hp hp-ux 11.11
tarantella tarantella_enterprise 3.30
cisco firewall_services_module 1.1_(3.005)
stonesoft servercluster 2.5
freebsd freebsd 5.2.1
stonesoft stonebeat_fullcluster 2.5
forcepoint stonegate 2.2.1
openssl openssl 0.9.7
cisco pix_firewall_software 6.2(2)
cisco pix_firewall_software 6.2(3)
checkpoint vpn-1 vsx_ng_with_application_intelligence
redhat linux 7.3
dell bsafe_ssl-j 3.0
forcepoint stonegate 2.0.8
apple mac_os_x 10.3.3
forcepoint stonegate 1.5.18
CVE-2005-1708 MEDIUM

templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat reporter *
CVE-2005-1709 HIGH

Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat reporter *
CVE-2005-1710 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the username in an Add User window or (2) the license key (volatile.license_to_add parameter) in the Licensing page.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat reporter *
CVE-2005-3187 MEDIUM

The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat winproxy 6.0
CVE-2005-3654 HIGH

Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat webproxy 4.0
bluecoat webproxy 5.1
bluecoat webproxy 6.0
bluecoat webproxy 5.2
bluecoat webproxy 5.0
CVE-2005-4085 HIGH

Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat webproxy 4.0
bluecoat webproxy 5.1
bluecoat webproxy 6.0
bluecoat proxyav *
bluecoat webproxy 5.2
bluecoat webproxy 5.0
CVE-2006-0578 HIGH

Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat sgos 4.1.2.1
CVE-2013-5959 HIGH

Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2 allows remote attackers to cause a denial of service (memory consumption and dropped connections) via a recursive href in an HTML page, which triggers a large number of HTTP RW pipeline pre-fetch requests.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
bluecoat proxysgos 5.4
bluecoat proxysgos 6.4
bluecoat proxysgos 6.2
bluecoat proxysgos 6.3
bluecoat proxysgos 6.5
bluecoat proxysgos 5.3
bluecoat proxysgos 6.1
bluecoat proxysg *
bluecoat proxysgos 5.5
CVE-2014-2033 HIGH

The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time window after account deletion or modification by leveraging knowledge of previously valid credentials.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
bluecoat proxysgos 6.3
bluecoat proxysgos *
CVE-2014-2565 MEDIUM

The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows remote administrators to execute arbitrary commands via unspecified vectors, related to "command injection."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,

Products Affected

Vendor Product Version
bluecoat content_analysis_system_software *
bluecoat content_analysis_system_software 1.1
bluecoat content_analysis_system -
bluecoat content_analysis_system_software 1.1.1.1
CVE-2015-1454 HIGH

Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software updates, via a crafted certificate.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
bluecoat proxyclient *
bluecoat unified_agent *
CVE-2015-8482 LOW

Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
bluecoat unified_agent *
CVE-2015-8597 MEDIUM

Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
bluecoat advanced_secure_gateway 6.6
bluecoat proxysg *
CVE-2016-10259 MEDIUM

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connection pool of an SSL server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
bluecoat ssl_visibility_appliance_sv3800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11
bluecoat ssl_visibility_appliance_sv1800_firmware 3.10
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv2800_firmware 3.10
bluecoat ssl_visibility_appliance_sv800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv2800_firmware 3.9
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv800_firmware 3.9
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11
bluecoat ssl_visibility_appliance_sv3800_firmware 3.10
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv2800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv3800_firmware 3.9
bluecoat ssl_visibility_appliance_sv1800_firmware 3.9
bluecoat ssl_visibility_appliance_sv800_firmware 3.10
bluecoat ssl_visibility_appliance_sv800_firmware 3.11
bluecoat ssl_visibility_appliance_sv1800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11.2.1
bluecoat ssl_visibility_appliance_sv2800_firmware 3.8.4
bluecoat ssl_visibility_appliance_sv800_firmware 3.11.1.2
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11
bluecoat ssl_visibility_appliance_sv3800_firmware 3.11.1.1
bluecoat ssl_visibility_appliance_sv1800_firmware 3.11.1.1
CVE-2016-6594 MEDIUM

Blue Coat Advanced Secure Gateway 6.6, CacheFlow 3.4, ProxySG 6.5 and 6.6 allows remote attackers to bypass blocked requests, user authentication, and payload scanning.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
bluecoat advanced_secure_gateway 6.6
bluecoat cacheflow 3.4
bluecoat proxysg 6.5
bluecoat proxysg 6.6
CVE-2016-9091 HIGH

Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
bluecoat content_analysis_system_software *
bluecoat advanced_secure_gateway *