Support Content Notification - Support Portal

SA18 : ICMP Error Message Vulnerabilities

Product/Component

Notification Id

1065

Last Updated

03 March 2020

Initial Publication Date

19 July 2005

Status

CLOSED

Severity

MEDIUM

CVSS Base Score

WorkAround

Affected CVE

SUMMARY

Some Blue Coat Systems products are vulnerable to the attack described in US-Cert Vulnerability Note VU#222750.

AFFECTED PRODUCTS

Advisory Severity:

ProxySG - Medium
Director - Medium
Spyware Interceptor - Low

ISSUES

A successful attack uses spoofed ICMP error messages which could cause TCP connections to drop or be degraded, resulting in a denial of service situation.

REFERENCES

https://www.kb.cert.org/vuls/id/222750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0068