Blue Coat ProxySG Recursive HTTP Pipeline Pre-Fetch Remote DoS

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote device is potentially affected by a denial of service
vulnerability.

Description :

According to its self-reported version number, the Security Gateway OS
(SGOS) version installed on the remote Blue Coat ProxySG device is
potentially affected by a denial of service vulnerability caused by a
large number of HTTP RW pipeline pre-fetch requests.

Note that only devices with forward or reverse mode for HTTP traffic
enabled are affected.

See also :

https://bto.bluecoat.com/security-advisory/sa75

Solution :

Upgrade to SGOS version 5.4.12.9 / 5.5.11.5 / 6.2.14.1 / 6.3.6.2 /
6.4.5.1 / 6.5.2.0 or later. Alternatively, apply the workaround
referenced in the vendor advisory.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:POC/RL:U/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 70302

Bugtraq ID: 62647

CVE ID: CVE-2013-5959