Vulnerability Description
Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bluecoat | Sgos | 4.1.2.1 |
References
- http://secunia.com/advisories/18622Vendor Advisory
- http://securitytracker.com/id?1015644
- http://www.bluecoat.com/support/knowledge/advisory_connect_denial_ignore.html
- http://www.osvdb.org/22853
- http://www.secumind.net/content/french/modules/news/article.php?storyid=8Vendor AdvisoryURL Repurposed
- http://www.vupen.com/english/advisories/2006/0401
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24446
- http://secunia.com/advisories/18622Vendor Advisory
- http://securitytracker.com/id?1015644
- http://www.bluecoat.com/support/knowledge/advisory_connect_denial_ignore.html
- http://www.osvdb.org/22853
- http://www.secumind.net/content/french/modules/news/article.php?storyid=8Vendor AdvisoryURL Repurposed
- http://www.vupen.com/english/advisories/2006/0401
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24446
FAQ
What is CVE-2006-0578?
CVE-2006-0578 is a vulnerability with a CVSS score of 7.5 (HIGH). Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters.
How severe is CVE-2006-0578?
CVE-2006-0578 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0578?
Check the references section above for vendor advisories and patch information. Affected products include: Bluecoat Sgos.