Blue Coat WinProxy versions 6.0 and prior and ProxyAV versions prior to 126.96.36.199 contain vulnerabilities that could allow a remote attacker to create a denial of service (DoS) condition or execute arbitrary code.
The first vulnerability (CVE-2005-3187) exists in WinProxy as the result of improper input validation. A remote attacker could exploit this vulnerability by submitting an overly long HTTP request to the proxy server. This allows the attacker to cause the server to crash. The server must be manually restarted to restore service. This vulnerability only affects version 6.0 of WinProxy.
The second vulnerability (CVE-2005-3654) exists in the WinProxy telnet service. A
remote attacker could exploit this vulnerability by submitting an excessive number of malicious packets designed to cause heap corruption on the affected port. This allows the attacker to cause the targeted server to crash and may allow the execution of arbitrary code.
The third vulnerability (CVE-2005-4085) exists in WinProxy and ProxyAV due to a lack of proper input validation in the HTTP proxy. To exploit this vulnerability, a remote attacker could submit an HTTP request containing an overly long Host: header designed to cause a buffer overflow. This could allow the attacker to execute arbitrary code on the system.
Exploit code is available for the first and third vulnerabilities.
Updates are available.