===========================================================================
AUSCERT Security Bulletin

ASB-2015.0013
ProxyClient and Unified Agent certificate validation flaw
29 January 2015

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              Blue Coat ProxyClient
                      Blue Coat Unified Agent
Operating System:     Windows
Impact/Access:        Administrator Compromise        -- Remote/Unauthenticated
                      Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Reduced Security                -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
Member content until: Saturday, February 28 2015

OVERVIEW

A high severity vulnerability has been identified in Blue Coat ProxyClient
versions prior to 3.3.3.3 and 3.4.4.10 and Blue Coat Unified Agent prior to
version 4.1.3.151952. [1]

IMPACT

Blue Coat provides the following details regarding the vulnerability:

"A flaw in the validation of the Client Manager certificate performed by
the ProxyClient and the Unified agent could allow an attacker to pose as
the Client Manager. An attacker could use this vulnerability to modify the
configuration parameters of ProxyClient and Unified Agent, to deliver
malicious web content to ProxyClient and Unified Agent, and to deliver
malicious software updates to ProxyClient. An attacker potentially could
use this flaw to gain full administrative access to the client". [1]

MITIGATION

Blue Coat advises users to apply the provided fixes. [1]

REFERENCES

[1] ProxyClient and Unified Agent certificate validation flaw
    https://bto.bluecoat.com/security-advisory/sa89

AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================