SA18 : ICMP Error Message Vulnerabilities

1065

03 March 2020

19 July 2005

CLOSED

MEDIUM

SUMMARY

 

Some Blue Coat Systems products are vulnerable to the attack described in US-Cert Vulnerability Note VU#222750.

AFFECTED PRODUCTS

 

Advisory Severity:

  • ProxySG - Medium
  • Director - Medium
  • Spyware Interceptor - Low

ISSUES

 

A successful attack uses spoofed ICMP error messages which could cause TCP connections to drop or be degraded, resulting in a denial of service situation.

REFERENCES