===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2012.0172
         OpenSSL vulnerabilities have been discovered in Bluecoat
                      IntelligenceCenter and ProxySG
                             12 December 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Bluecoat IntelligenceCenter
                      Bluecoat ProxySG
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Denial of Service               -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2012-2131 CVE-2012-2110 
Member content until: Friday, January 11 2013
Reference:            ESB-2012.0408
                      ESB-2012.0388

OVERVIEW

        Multiple OpenSSL vulnerabilities have been discovered in Bluecoat
        IntelligenceCenter and ProxySG.


IMPACT

        The following information is from the Bluecoat website:
        
        "CVE-2012-2110 is a buffer overflow flaw in OpenSSL's BIO and FILE based
        functions.  Using this vulnerability, a remote attacker can send
        specially crafted DER or MIME formatted data to an application to cause
        memory corruption or even to remotely execute code on the system. 
        
        CVE-2012-2131 is an integer signedness flaw in the fix issued for
        CVE-2012-2110.  Using this vulnerability, a remote attacker can send
        specially crafted DER formatted data to an application to conduct buffer
        overflow attacks and to cause a denial of service." [1]
        
        All versions of IntelligenceCenter and ProxySG are vulnerable. [1]
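
        The bug class named above (an integer signedness error on a length
        declared in DER data), shown as an added illustration; this is not
        OpenSSL or Bluecoat code. The names der_header, accept_signed,
        accept_checked, MAX_OBJECT and SAMPLE are hypothetical, and the
        sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_OBJECT 65536 /* assumed size cap for this example */

/* Parse a DER tag + length header. Returns the header size and stores the
 * declared content length in *len; returns 0 on truncated/unsupported input. */
size_t der_header(const uint8_t *p, size_t avail, size_t *len)
{
    if (avail < 2) return 0;
    if (p[1] < 0x80) { *len = p[1]; return 2; }      /* short form */
    size_t n = p[1] & 0x7f;                          /* long form: n length octets */
    if (n == 0 || n > 4 || avail < 2 + n) return 0;  /* DER has no indefinite form */
    uint32_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | p[2 + i];
    *len = v;
    return 2 + n;
}

/* Flawed pattern: the length is narrowed to a signed int before the bound
 * check, so a value above INT_MAX becomes negative on common platforms
 * and passes the comparison. */
int accept_signed(size_t declared)
{
    int len = (int)declared;
    return len <= MAX_OBJECT;
}

/* Hardened pattern: compare in the unsigned domain before any narrowing. */
int accept_checked(size_t declared)
{
    return declared <= (size_t)MAX_OBJECT;
}

/* Constructed sample: SEQUENCE header declaring 0x80000000 content bytes. */
const uint8_t SAMPLE[] = { 0x30, 0x84, 0x80, 0x00, 0x00, 0x00 };

int main(void)
{
    size_t len = 0;
    if (der_header(SAMPLE, sizeof SAMPLE, &len) == 0) return 1;
    printf("declared=%zu signed_check=%d checked=%d\n",
           len, accept_signed(len), accept_checked(len));
    return 0;
}
```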


MITIGATION

        Fixes are not yet available for IntelligenceCenter but are being
        investigated. Fixes are available for some versions of ProxySG. [1]


REFERENCES

        [1] December 4, 2012  OpenSSL ASN.1 BIO buffer overflow (CVE-2012-2110
            and CVE-2012-2131)
            https://kb.bluecoat.com/index?page=content&id=SA70

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================