===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2014.0068
   Multiple Bluecoat products are affected by vulnerabilities in OpenSSL
                               11 June 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              CacheFlow
                      Content Analysis System
                      Director
                      IntelligenceCenter
                      Malware Analysis Appliance / Malware Analyzer G2
                      ProxyAV
                      ProxySG
                      Security Analytics Platform
                      SSL Visibility
                      Unified Agent / Client Connector
Operating System:     Network Appliance
                      Windows
                      Linux variants
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Access Privileged Data          -- Remote/Unauthenticated
                      Denial of Service               -- Remote/Unauthenticated
                      Provide Misleading Information  -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2014-0224 CVE-2014-0221 CVE-2014-0195
                      CVE-2014-0198 CVE-2010-5298 CVE-2014-3470
Member content until: Friday, July 11 2014

OVERVIEW

        Multiple Bluecoat products are affected by vulnerabilities in
        OpenSSL.


IMPACT

        Blue Coat warns that "Blue Coat products using affected versions of
        OpenSSL 0.9.8, 1.0.0, and 1.0.1 are vulnerable to one or more
        vulnerabilities in OpenSSL. A remote attacker may exploit these
        vulnerabilities on clients or servers to become a
        man-in-the-middle, execute arbitrary code, inject data into
        sessions, or cause a denial-of-service." [1]


MITIGATION

        The vendor has provided the following information regarding
        patches:

        "The following products are vulnerable to one or more of these
        vulnerabilities:

        CacheFlow
        CacheFlow 2.x and 3.x are vulnerable.

        Content Analysis System
        CAS 1.1.1.1 through 1.1.5.3 are vulnerable.

        Director
        Director 5.x and 6.x are vulnerable.

        IntelligenceCenter
        IC 3.2 is vulnerable.

        Malware Analysis Appliance / Malware Analyzer G2
        MAA 1.1 and 4.1.1 are vulnerable. MAG2 3.5 is vulnerable.

        ProxyAV
        ProxyAV 3.4 and 3.5 are vulnerable.

        ProxySG
        SGOS 6.x and 5.x are vulnerable.

        Security Analytics Platform
        SA 6.x and 7.x are vulnerable.

        SSL Visibility
        SSLV 3.6 and 3.7 are vulnerable.

        Unified Agent / Client Connector
        UA for Windows and OSX 4.1 is vulnerable. UA for Linux and IBM 1.1
        is vulnerable. Client Connector 1.x is vulnerable.

        The following products are not vulnerable:
        Android Mobile Agent
        PacketShaper
        PacketShaper S-Series
        PolicyCenter
        ProxyClient
        Reporter
        X-Series

        The following products are still under investigation:
        DLP" [1]


REFERENCES

        [1] June 6, 2014 - OpenSSL Security Advisory 05-Jun-2014
            https://kb.bluecoat.com/index?page=content&id=SA80&pmv=print&impressions=false

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation.  The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures.  AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================