Vigil@nce - Blue Coat ProxySG: reading secret keys
July 2011 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local attacker, who can open a "core" file of ProxySG, can read
secret keys or user authentication data.
Severity: 2/4
Creation date : 20/06/2011
IMPACTED PRODUCTS
– Blue Coat ProxySG
DESCRIPTION OF THE VULNERABILITY
The Blue Coat ProxySG product stores:
– its standard data in heap memory
– its sensitive data in "secure heap" memory, which is a special
section of the heap
When a fatal error occurs in SGOS, the content of the memory is
stored in a "core" file, in order to help debugging.
However, the "secure heap" is also dumped in the core file.
A local attacker, who can open a "core" file of ProxySG, can
therefore read secret keys or user authentication data.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Blue-Coat-ProxySG-reading-secret-keys-10760