Security Advisories

October 16th 2009 - Blue Coat ProxyAV Advisory on Sockstress TCP Attacks

Security Advisories ID:    SA38
Version:    8.0
Status:    Published
Published date:    10/16/2009
Updated:    12/02/2009
 

Advisory Severity

Low

Details

ProxyAV is based on Windows XP Embedded.  According to Microsoft, this version of Windows XP Embedded is vulnerable, albeit with low severity; to CERT-FI/CVE-2008-4609 Windows XP-based systems are at a reduced risk as there is not the same possibility for remote code execution vs. other versions of Windows.  Additionally, when ProxyAV is deployed according to Blue Coat best practices, there's a remote possibility for denial of service as it assumes that the appliance is Internet-facing and subjected the specific attack of specially-crafted TCP packets.

>>Link to the Alert

(Requires BlueTouch Online Login)


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question