-----BEGIN PGP SIGNED MESSAGE-----
AUSCERT Security Bulletin
Multiple vulnerabilities identified in Blue Coat products using OpenSSL
23 January 2015
AusCERT Security Bulletin Summary
Product:              Blue Coat Director
                      Blue Coat Management Center
                      Blue Coat Malware Analysis Appliance
                      Blue Coat Malware Analyzer G2
                      Blue Coat Norman Shark Industrial Control System Protection
                      Blue Coat Norman Shark Network Protection
                      Blue Coat Norman Shark SCADA Protection
                      Blue Coat ProxyAV
                      Blue Coat ProxySG
                      Blue Coat Security Analytics Platform
                      Blue Coat SSL Visibility
                      Blue Coat X-Series XOS
                      Blue Coat Content Analysis System
Operating System:     Network Appliance
                      VMware ESX Server
Impact/Access:        Access Privileged Data -- Remote/Unauthenticated
                      Modify Arbitrary Files -- Remote/Unauthenticated
                      Denial of Service      -- Remote/Unauthenticated
                      Reduced Security       -- Remote/Unauthenticated
CVE Names:            CVE-2014-5139 CVE-2014-3568 CVE-2014-3567
                      CVE-2014-3513 CVE-2014-3512 CVE-2014-3511
                      CVE-2014-3510 CVE-2014-3509 CVE-2014-3508
                      CVE-2014-3507 CVE-2014-3506 CVE-2014-3505
Member content until: Wednesday, February 18 2015
Revision History:     January 23 2015: Corrected product tag
                      January 23 2015: Added product Blue Coat Content Analysis System
                      January 19 2015: Initial Release
Multiple vulnerabilities have been identified in Blue Coat products
using OpenSSL versions 0.9.8, 1.0.0 and 1.0.1.
Blue Coat advises "A remote attacker may exploit these
vulnerabilities to downgrade to TLS v1.0, leak information, write
arbitrary data to memory, cause a buffer overflow, or cause a
denial-of-service" and "A remote attacker may exploit these
vulnerabilities to allow remote attackers to cause a denial of
service due to memory consumption, or to downgrade to an SSL v3
Blue Coat provides the following details regarding the
"CVE-2014-3505 is a flaw in the DTLS implementation that allows an
attacker to force memory to be freed twice, resulting in a crash.
CVE-2014-3506 is a flaw in the DTLS implementation that allows an
attacker to use large amounts of memory, resulting in slowdowns
and/or a crash.
CVE-2014-3507 is a flaw in the DTLS implementation that allows an
attacker to leak memory, resulting in slowdowns and/or a crash.
CVE-2014-3508 allows an attacker to obtain information from the
stack if pretty printing output is echoed to the attacker.
CVE-2014-3509 allows a malicious server to crash or overwrite memory
by sending Elliptic Curve Supported Point Formats Extension data.
CVE-2014-3510 is a flaw in the DTLS client implementation that
allows an attacking server to send data that will result in a crash
due to a null pointer.
CVE-2014-3511 is a flaw in the SSL/TLS server implementation that
allows an attacking client to force a downgrade to the TLS 1.0
protocol even if higher protocol versions are supported by the
client and server.
CVE-2014-3512 is a flaw in the SRP implementation that allows a
malicious client or server to send invalid parameters that will
result in a buffer overflow.
CVE-2014-5139 allows a malicious server to crash a client by
specifying an SRP ciphersuite, even if the ciphersuite was not
negotiated with the client". 
"CVE-2014-3513 is a flaw in the DTLS SRTP implementation that allows
an attacker to cause a denial-of-service due to memory consumption.
CVE-2014-3567 is a flaw in the implementation of session tickets
that allows an attacker to cause a denial-of-service due to memory
CVE-2014-3568 allows an attacker to force clients and servers to
downgrade to SSL v3, even if the version of OpenSSL was built such
that SSL v3 should not be allowed." 
Blue Coat has provided the following fixes which address
CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508,
CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512 and
Product                       Affected version   Fix
Malware Analysis Appliance    MAA 4.1.x          4.1.4
ProxySG                       SGOS 6.2.x         18.104.22.168
                              SGOS 6.5.x         22.214.171.124
Security Analytics Platform   SA 7.1.x           7.1.5
SSL Visibility                SSLV 3.7           3.7.4
Content Analysis System       CAS 1.1            126.96.36.199
Blue Coat has also provided fixes which address CVE-2014-3513,
CVE-2014-3567 and CVE-2014-3568:
Product                       Affected version   Fix
Malware Analysis Appliance    MAA 4.x            4.2.1
Management Center             MC 1.x             1.2
Content Analysis System       CAS 1.1            188.8.131.52
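The two fix tables overlap for the Malware Analysis Appliance: 4.1.4 closes the first CVE group, but 4.2.1 is needed for the second. The Python sketch below is an added example, not AusCERT or Blue Coat code; it encodes only the rows whose fix versions are legible on this page, and the function names and sample inventory are assumptions.

```python
# Added example: triage appliance versions against the bulletin's fix tables.
# ProxySG and Content Analysis System rows are omitted because their fix
# versions are not legible on this page.

# The first CVE list is cut off after "and" on the page, so only the
# identifiers that are visible there are included.
FIRST_SET = frozenset(f"CVE-2014-35{n:02d}" for n in range(5, 13))
SECOND_SET = frozenset({"CVE-2014-3513", "CVE-2014-3567", "CVE-2014-3568"})

# (product, affected branch, first fixed version, CVEs that fix addresses)
FIX_ROWS = [
    ("Malware Analysis Appliance", (4, 1), (4, 1, 4), FIRST_SET),
    ("Security Analytics Platform", (7, 1), (7, 1, 5), FIRST_SET),
    ("SSL Visibility", (3, 7), (3, 7, 4), FIRST_SET),
    ("Malware Analysis Appliance", (4,), (4, 2, 1), SECOND_SET),
    ("Management Center", (1,), (1, 2), SECOND_SET),
]


def parse_version(text):
    """Turn '4.1.4' into (4, 1, 4) so versions compare numerically."""
    return tuple(int(part) for part in text.strip().split("."))


def triage(product, version):
    """Return (status, sorted CVEs still open) for one appliance."""
    ver = parse_version(version)
    matched, open_cves = False, set()
    for name, branch, fixed, cves in FIX_ROWS:
        if name != product or ver[:len(branch)] != branch:
            continue  # row is for another product or another release branch
        matched = True
        if ver < fixed:
            open_cves |= cves
    if not matched:
        return "not-listed", []  # the tables say nothing about this version
    return ("vulnerable" if open_cves else "fixed"), sorted(open_cves)


if __name__ == "__main__":
    # Constructed inventory for illustration; not data from the bulletin.
    inventory = [
        ("Malware Analysis Appliance", "4.1.4"),
        ("Malware Analysis Appliance", "4.2.1"),
        ("Management Center", "1.1.9"),
        ("SSL Visibility", "3.8.0"),
    ]
    for product, version in inventory:
        status, cves = triage(product, version)
        print(f"{product} {version}: {status} {' '.join(cves)}")
```

A "not-listed" result means the version falls outside the branches named in the tables, so it needs checking against the vendor advisory rather than being treated as unaffected.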
 OpenSSL Security Advisory 06-Aug-2014
 OpenSSL Security Advisory 15-Oct-2014
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
Australian Computer Emergency Response Team
The University of Queensland
Internet Email: email@example.com
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----