Blue Coat ProxySG Core File Information Disclosure

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is potentially affected by an information disclosure
vulnerability.

Description :

The remote Blue Coat ProxySG device's SGOS self-reported version is
6.1.x earlier than 6.1.5.1 or 6.2.x earlier than 6.2.2.1. It is,
therefore, potentially affected by an information disclosure
vulnerability.

Exported core files are unencrypted, contain sensitive information
and could be used to aid in further attacks.

See also :

https://kb.bluecoat.com/index?page=content&id=SA56

Solution :

Upgrade to version 6.1.5.1 / 6.2.2.1 or later and delete existing,
unneeded core files.

Risk factor :

Low / CVSS Base Score : 1.2
(CVSS2#AV:L/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 1.0
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 68993 ()

Bugtraq ID: 48336

CVE ID: CVE-2011-5126