Vulnerabilities > CVE-2005-3187 - Unspecified vulnerability in Bluecoat Winproxy 6.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit. CVE-2005-3187. Dos exploit for windows platform |
| id | EDB-ID:1409 |
| last seen | 2016-01-31 |
| modified | 2006-01-07 |
| published | 2006-01-07 |
| reporter | FistFuXXer |
| source | https://www.exploit-db.com/download/1409/ |
| title | BlueCoat WinProxy <= 6.0 R1c GET Request Denial of Service Exploit |
Nessus
NASL family Firewalls NASL id WINPROXY_61A.NASL description The remote host is running WinProxy, a proxy server for Windows. According to the Windows registry, the installed version of WinProxy suffers from denial of service and buffer overflow vulnerabilities in its telnet and web proxy servers. An attacker may be able to exploit these issues to crash the proxy or even execute arbitrary code on the affected host. last seen 2020-06-01 modified 2020-06-02 plugin id 20393 published 2006-01-10 reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20393 title WinProxy < 6.1a Multiple Vulnerabilities (credentialed check) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(20393); script_version("1.14"); script_cve_id("CVE-2005-3187", "CVE-2005-3654", "CVE-2005-4085"); script_bugtraq_id(16147, 16148, 16149); script_name(english:"WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)"); script_summary(english:"Checks for multiple vulnerabilities in WinProxy < 6.1a"); script_set_attribute(attribute:"synopsis", value: "The remote proxy is affected by multiple vulnerabilities." ); script_set_attribute(attribute:"description", value: "The remote host is running WinProxy, a proxy server for Windows. According to the Windows registry, the installed version of WinProxy suffers from denial of service and buffer overflow vulnerabilities in its telnet and web proxy servers. An attacker may be able to exploit these issues to crash the proxy or even execute arbitrary code on the affected host." ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?40f07cd6" ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3a6c81a5" ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?79b3006b" ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8c88612f" ); script_set_attribute(attribute:"solution", value: "Upgrade to WinProxy version 6.1a or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Blue Coat WinProxy Host Header Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_publication_date", value: "2006/01/10"); script_set_attribute(attribute:"patch_publication_date", value: "2006/01/05"); script_set_attribute(attribute:"vuln_publication_date", value: "2006/01/05"); script_cvs_date("Date: 2018/08/06 14:03:14"); script_set_attribute(attribute:"plugin_type", value:"local"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Firewalls"); script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc."); script_dependencies("smb_hotfixes.nasl"); script_require_keys("SMB/Registry/Enumerated"); script_require_ports(139, 445); exit(0); } if (!get_kb_item("SMB/Registry/Enumerated")) exit(0); # Look in the registry for evidence of WinProxy. name = get_kb_item("SMB/Registry/HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Uninstall/WinProxy 6/DisplayName"); if (name && name =~ "^WinProxy \(Version ([0-5]\.|6\.0)") { security_hole(0); exit(0); }NASL family Firewalls NASL id WINPROXY_HTTP_61A.NASL description The remote host is running WinProxy, a proxy server for Windows. The installed version of WinProxy last seen 2020-06-01 modified 2020-06-02 plugin id 20391 published 2006-01-10 reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20391 title WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(20391); script_version("1.19"); script_cve_id("CVE-2005-3187", "CVE-2005-4085"); script_bugtraq_id(16147, 16148); script_name(english:"WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities"); script_summary(english:"Checks for multiple vulnerabilities in WinProxy < 6.1a HTTP Proxy"); script_set_attribute(attribute:"synopsis", value: "The remote web proxy server is affected by denial of service and buffer overflow vulnerabilities." ); script_set_attribute(attribute:"description", value: "The remote host is running WinProxy, a proxy server for Windows. The installed version of WinProxy's HTTP proxy fails to handle long requests as well as requests with long Host headers. An attacker may be able to exploit these issues to crash the proxy or even execute arbitrary code on the affected host." ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?40f07cd6" ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3a6c81a5" ); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8c88612f" ); script_set_attribute(attribute:"solution", value: "Upgrade to WinProxy version 6.1a or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Blue Coat WinProxy Host Header Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_publication_date", value: "2006/01/10"); script_set_attribute(attribute:"patch_publication_date", value: "2006/01/05"); script_set_attribute(attribute:"vuln_publication_date", value: "2006/01/05"); script_cvs_date("Date: 2018/08/06 14:03:14"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_end_attributes(); script_category(ACT_DENIAL); script_family(english:"Firewalls"); script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc."); script_dependencies("find_service2.nasl", "httpver.nasl"); script_require_ports("Services/www", 80); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); port = get_http_port(default:80, dont_break: 1); # Make sure it looks like WinProxy. help = get_kb_banner(port: port, type: "help"); if (help && "Proxy-agent: BlueCoat-WinProxy" >< help) { # Flag it as a proxy. register_service(port:port, ipproto:"tcp", proto:"http_proxy"); # Try to exploit it. rq = http_mk_proxy_request(port: 80, item: "/", host: "127.0.0.1", method: "GET", scheme: "http", version: 10, add_headers: make_array("Host", crap(32800))); w = http_send_recv_req(port: port, req: rq); # If we didn't get anything, try resending the query. w = http_send_recv3(port: port, item:"/", method:"GET"); # There's a problem if we didn't get a response the second time. if (isnull(w)) security_hole(port); }
Seebug
bulletinFamily exploit description No description provided by source. id SSV:63328 last seen 2017-11-19 modified 2014-07-01 published 2014-07-01 reporter Root source https://www.seebug.org/vuldb/ssvid-63328 title BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit bulletinFamily exploit description No description provided by source. id SSV:15813 last seen 2017-11-19 modified 2006-01-07 published 2006-01-07 reporter Root source https://www.seebug.org/vuldb/ssvid-15813 title BlueCoat WinProxy <= 6.0 R1c (GET Request) Denial of Service Exploit