===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.0505
                SA143: OpenSSL Vulnerabilities 16-Feb-2017
                             24 February 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Bluecoat products
Publisher:         Bluecoat
Operating System:  Network Appliance
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-3733  

Reference:         ESB-2017.0488

Original Bulletin: 
   https://bto.bluecoat.com/security-advisory/sa143

--------------------------BEGIN INCLUDED TEXT--------------------

SA143: OpenSSL Vulnerabilities 16-Feb-2017


Security Advisories ID: SA143

Published Date: February 23, 2017

Advisory Status: Interim

Advisory Severity: High

CVSS v2 base score: TBD

CVE Number: 
CVE-2017-3733

Blue Coat products using affected versions of OpenSSL are susceptible to a
denial of service vulnerability. A remote attacker can exploit this
vulnerability to cause denial of service through application crashes.

CVSS v2 base scores will be provided when the National Vulnerability Database
(NVD) scoring is complete. The advisory severity may be adjusted once the CVSS
v2 base scores become available.

Affected Products: 

No Blue Coat products are vulnerable to CVE-2017-3733.

The following products are not vulnerable:
Advanced Secure Gateway
Android Mobile Agent
AuthConnector
BCAAA
Blue Coat HSM Agent for the Luna SP
CacheFlow
Client Connector
Cloud Data Protection for Salesforce
Cloud Data Protection for Salesforce Analytics
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection for Oracle Field Service Cloud
Cloud Data Protection for Oracle Sales Cloud
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
Cloud Data Protection Policy Builder
Content Analysis System
Director
General Auth Connector Login Application
IntelligenceCenter
IntelligenceCenter Data Collector
K9
Mail Threat Defense
Malware Analysis Appliance
Management Center
Norman Shark Industrial Control System Protection
Norman Shark Network Protection
Norman Shark SCADA Protection
PacketShaper
PacketShaper S-Series
PolicyCenter
PolicyCenter S-Series
ProxyClient
ProxyAV
ProxyAV ConLog and ConLogXP
ProxySG
Reporter
Security Analytics
SSL Visibility
Unified Agent
X-Series XOS

Blue Coat no longer provides vulnerability information for the following
products:

DLP
Please contact Digital Guardian technical support regarding vulnerability
information for DLP.

Advisory Details: 

This Security Advisory addresses a denial of service vulnerability announced in
OpenSSL Security Advisory [16 Feb 2017]. No Blue Coat products have been found
vulnerable at this time.

CVE-2017-3733 is a flaw in the SSL/TLS client and server implementation that
handles session renegotiation and the Encrypt-Then-Mac TLS extension. A remote
attacker can renegotiate an established SSL session with a different cipher
suite and with the Encrypt-Then-Mac TLS extension added or removed to cause an
application crash, resulting in denial of service.

Blue Coat products that use a native installation of OpenSSL but do not install
or maintain that implementation are not vulnerable to CVE-2017-3733. However,
the underlying platform or application that installs and maintains OpenSSL may
be vulnerable. Blue Coat urges our customers to update the versions of OpenSSL
that are natively installed for Client Connector for OS X, Proxy Client for OS
X, and Reporter 9.x for Linux.

Workarounds: 

No Blue Coat products are vulnerable.

Patches: 

No Blue Coat products are vulnerable.

References: 

OpenSSL Security Advisory - https://www.openssl.org/news/secadv/20170216.txt
CVE-2017-3733 - https://access.redhat.com/security/cve/cve-2017-3733

Advisory History: 

2017-02-23 initial public release

Copyright © 2017, Blue Coat Systems, Inc. All rights reserved.

--------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================