December 4, 2012 – OpenSSL ASN.1 BIO buffer overflow (CVE-2012-2110 and CVE-2012-2131)
High, CVSS v2 base score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2012-2110 – CVSS base score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVE-2012-2131 - CVSS base score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
OpenSSL versions prior to 0.9.8v are vulnerable to buffer overflow attacks when presented with specially crafted DER data. The buffer overflow could result in remote code execution or a denial of service. Blue Coat products that make use of the vulnerable functions for processing untrusted DER data are vulnerable.
The following products are vulnerable:
All versions of IntelligenceCenter are believed to be vulnerable. Further investigation is still underway.
All versions of ProxySG prior to 6.4 are vulnerable.
The following products are not vulnerable:
Director does not use the OpenSSL functions that are vulnerable.
K9 uses the on-platform TLS/SSL libraries.
PacketShaper, PacketWise, and PolicyCenter do not use the OpenSSL functions that are vulnerable.
ProxyAV does not use the OpenSSL functions that are vulnerable.
ProxyClient uses the on-platform TLS/SSL libraries.
Reporter does not use the OpenSSL functions that are vulnerable. The commandline utility is used by the Administrator to import keypairs and certificates, but in this case the data is trusted.
CVE-2012-2110 is a buffer overflow flaw in OpenSSL’s BIO and FILE based functions. Using this vulnerability, a remote attacker can send specially crafted DER or MIME formatted data to an application to cause memory corruption or even to remotely execute code on the system.
CVE-2012-2131 is an integer signedness flaw in the fix issued for CVE-2012-2110. Using this vulnerability, a remote attacker can send specially crafter DER formatted data to an application to conduct buffer overflow attacks and to cause a denial of service.
DER and MIME data formats are typically used to encode X.509 certificates and RSA public keys. The initial vulnerability was demonstrated using these two mechanisms.
There are no workarounds.
IntelligenceCenter 3.2 - a fix is not yet available.
IntelligenceCenter 3.1 - a fix is not yet available.
ProxySG 6.3 – a fix is available in 126.96.36.199. The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/9063.
ProxySG 6.2 – a fix is available in 188.8.131.52. The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/7375.
ProxySG 6.1 – a fix is not yet available
ProxySG 5.5 – a fix not yet available.
ProxySG 5.4 – a fix is not yet available.
ProxySG 4.3 – please upgrade to a later version.
CVE-2012-2110 – http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2110
CVE-2012-2131 – http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2131
OpenSSL advisory - http://www.openssl.org/news/secadv_20120419.txt
2013-01-08 Updated status of ProxySG 6.3 release
2012-12-12 Updated status of ProxySG 5.5 release
2012-12-10 Initial public release
Rate this Page
Please take a moment to complete this form to help us better serve you.