CVE-2005-4085

Bluecoat Webproxy - Buffer Overflow

Title source: rule

Description

Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16691

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by FistFuXXer · perlremotewindows

https://www.exploit-db.com/exploits/1408

View Code ZIP pw:eip

metasploit WORKING POC GREAT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/proxy/bluecoat_winproxy_host.rb

View Code ZIP pw:eip

References (8)

[Patch, Vendor Advisory] http://secunia.com/advisories/18288

[Patch, Vendor Advisory] http://secunia.com/advisories/18909

[Patch, Vendor Advisory] http://securitytracker.com/id?1015441

[Patch, Vendor Advisory] http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html

[Patch, Vendor Advisory] http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364

[Exploit, Patch] http://www.securityfocus.com/bid/16147

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0065

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/0622

Scores

EPSS 0.7716

EPSS Percentile 99.0%

Details

Status published

Products (6)

bluecoat/proxyav

bluecoat/webproxy 4.0 r1a (10 CPE variants)

bluecoat/webproxy 5.0 r1a (3 CPE variants)

bluecoat/webproxy 5.1 r1a (3 CPE variants)

bluecoat/webproxy 5.2 r1a

bluecoat/webproxy 6.0 r1a (2 CPE variants)

Published Dec 31, 2005

Tracked Since Feb 18, 2026