exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

advisory_private_key_compromise.html

advisory_private_key_compromise.html
Posted May 18, 2004
Site bluecoat.com

Blue Coat Security Gateway OS (SGOS) 3.x releases suffer from a private key disclosure vulnerability where the key and passphrase are stored in clear text when being imported via the web-based management console.

tags | advisory, web
SHA-256 | 618fc697e20741645614005f71356499b25ff5da2c4770eaab63019f287b71c3

advisory_private_key_compromise.html

Change Mirror Download
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<!-- Netscape 4.x fix -->
<html>
<head>
<title>Blue Coat Systems - Security Advisories</title>

<link href="/bcsstyle1.css" rel="stylesheet" type="text/css">

</head>

<body bgcolor="#FFFFFF" topmargin=10 leftmargin=0 marginwidth=0 marginheight=10>

<table border=0 cellpadding=0 cellspacing=0 width="800">
<tr>
<td>
<!-- BEGIN: Blue Header -->

<table border=0 cellpadding=0 cellspacing=0 width="800">

<tr valign="top">
<td bgcolor="#000066" width="100%" height="56">
<TABLE border="0" cellspacing="0" cellpadding="0" width="100%">

<TR>

<TD width="12" bgcolor="#ffffff"><IMG src="/images/spacer.gif" width="12" height="77"></TD>
<TD width="534"><A href="/index.html"><IMG src="/images/hp-header.jpg" width="535" height="77" border="0"></A></TD>
<TD width="254" bgcolor="#000066">

<TABLE border="0" cellspacing="0" cellpadding="0" width="254">

<TR>

<TD align="right"><IMG src="/images/spacer.gif" width="1" height="10"><BR>
</TD>
</TR>

<TR>
<TD align="right" width="254"><A class="persistantnav" href="/index.html">HOME</A><IMG src="/images/bcs_persist_navbar.gif" width="13" height="9"><A class="persistantnav" href="/search/index.html">SEARCH</A><IMG src="/images/bcs_persist_navbar.gif" width="13" height="9"><A class="persistantnav" href="/aboutus/contact.html">CONTACT
US</A><IMG src="/images/bcs_persist_navbar.gif" width="13" height="9"><A class="persistantnav" href="/downloads/corporate/BCS_privacy.pdf">PRIVACY<IMG src="/images/spacer.gif" width="10" height="8" border="0"></A></TD>
</TR>

<TR> <TD align="right" width="254"> <IMG src="/images/spacer.gif" width="1" height="10"><BR>
<IMG src="/images/bcs_starbullet.gif" width="20" height="16"><A class="persistantnav" href="https://services.bluecoat.com/eservice_enu" target="_blank">WebPower
Users<IMG src="/images/bcs_persist_navbar.gif" width="13" height="9" border="0">
</A>

<SCRIPT src ="http://www.nohold.net/Includes/funcs.js" ></SCRIPT>
<A class="persistantnav" href= "http://www.nohold.net/noHoldCust31/Prod_1/Articles54407/bc_launch_frames.html" target= "noHold" onClick="return launchkp();" >Instant
Support</A><IMG src="/images/spacer.gif" width="10" height="8"></TD>
</TR>

</TABLE>
</TD>
</TR>

</TABLE>
</td>
</tr>
<!-- END: Blue Header -->
<!-- BEGIN: Main Nav -->
<tr>
<td bgcolor="#FFFFFF"><img src="/images/spacer.gif" width="100%" height="8"></td>
</tr>
<tr>
<td bgcolor="#999999"><img src="/images/spacer.gif" width="100%" height="1"></td>
</tr>
<tr>
<td bgcolor="#FFFFFF"><img src="/images/spacer.gif" width="100%" height="3"></td>
</tr>
<tr>
<td width="100%" height="13">
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<tr>

<td class="mainnav">
<img src="/images/spacer.gif" width="50" height="1"><a class="mainnav" href="/solutions/index.html"><b>SOLUTIONS</b></a>
<img src="/images/spacer.gif" width="50" height="1"><a class="mainnav" href="/products/index.html"><b>PRODUCTS</b></a>
<img src="/images/spacer.gif" width="50" height="8"><a class="mainnav" href="/resources/index.html"><b>RESOURCES</b></a>
<img src="/images/spacer.gif" width="50" height="1"><a class="mainnav" href="/partners/index.html"><b>PARTNERS</b></a>
<img src="/images/spacer.gif" width="50" height="1"><a class="mainnavreturn" href="/support/index.html"><b>SUPPORT</b></a>
<img src="/images/spacer.gif" width="50" height="1"><a class="mainnav" href="/news/index.html"><b>NEWS</b></a>
<img src="/images/spacer.gif" width="50" height="1"><a class="mainnav" href="/aboutus/index.html"><b>ABOUT US</b></a>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF"><img src="/images/spacer.gif" width="100%" height="3"></td>
</tr>
<tr>
<td bgcolor="#999999"><img src="/images/spacer.gif" width="100%" height="1"></td>
</tr>
<tr>

<td bgcolor="#FFFFFF"><img src="/images/spacer.gif" width="100%" height="8"></td>
</tr>
<!-- END: Main Nav -->
<!-- BEGIN: Content -->
<tr>
<td>
<table border="0" cellspacing="0" cellpadding="0" width="100%" bordercolor="#6699CC">
<tr valign="top">
<td width="171" height="100%">
<!-- BEGIN: Left Nav -->
<table border="0" cellspacing="0" cellpadding="0" width="171">
<tr>
<td colspan="3" valign="top" width="171" height="1" bgcolor="#6699CC"><img src="/images/spacer.gif" width="171" height="1"></td>
</tr>
<tr valign="top">
<td width="1" height="100%" bgcolor="#6699CC"><img src="/images/spacer.gif" width="1" height="100%"></td>
<td width="169" height="100%" bgcolor="#FFFFFF">
<table border="0" cellspacing="0" cellpadding="0" width="169">
<tr>
<td width="100%" height="100%"><img src="/images/BCS_leftnav_support.jpg" alt="Blue Coat Support" width="169" height="132"><br>
<table border="0" cellspacing="0" cellpadding="0" width="169">
<tr>
<td class="highlightheader" colspan="2" valign="top" width="169" height="13" bgcolor="#000066"><img src="/images/spacer.gif" width="12" height="1"><b>In Support...</b></td>
</tr>
<tr>
<td><img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnav" href="https://services.bluecoat.com/eservice_enu" target="_blank"><img src="/images/leftnav_sidearrow.gif" align="absmiddle" border="0">WebPower Login</a><br>
<img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnav" href="/support/supportservices/index.html"><img src="/images/leftnav_sidearrow.gif" align="absmiddle" border="0">Support Services</a><br>
<img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnav" href="/support/knowledge/index.html"><img src="/images/leftnav_downarrow.gif" align="absmiddle" border="0">Knowledge Center</a><br>
<img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnavlink"><img src="/images/leftnav_sidearrow.gif" align="absmiddle" border="0">Security Advisories</a><br>
<img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnav" href="/resources/training/index.html"><img src="/images/leftnav_sidearrow.gif" align="absmiddle" border="0">Training Services</a><br>
<img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnav" href="http://download.bluecoat.com"><img src="/images/leftnav_sidearrow.gif" align="absmiddle" border="0">Downloads</a><br>
<img src="/images/spacer.gif" width="1" height="4"><br>
<a class="leftnav" href="/support/contact.html"><img src="/images/leftnav_sidearrow.gif" align="absmiddle" border="0">Contact Support</a><br>
<img src="/images/spacer.gif" width="1" height="10">
</td>
<td><img src="/images/spacer.gif" width="10" height="1"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td width="1" height="100%" bgcolor="#6699CC"><img src="/images/spacer.gif" width="1" height="100%"></td>
</tr>
<tr>
<td colspan="3" valign="bottom" width="171" height="1" bgcolor="#6699CC"><img src="/images/spacer.gif" width="171" height="1"></td>
</tr>
</table>
<!-- END: Left Nav -->
</td>
<td width="3" height="100%"><img src="/images/spacer.gif" width="3"></td>
<td width="462" height="100%">
<table border="0" cellspacing="0" cellpadding="0" width="462">
<!-- BEGIN: Main Content -->
<tr>
<td width="100%" height="100%">
<table border="0" cellspacing="0" cellpadding="0" width="313">
<tr>
<td colspan="5" valign="top" width="462" height="1" bgcolor="#6699CC"><img src="/images/spacer.gif" width="462" height="1"></td>
</tr>
<tr>
<td width="1" height="100%" bgcolor="#6699CC"><img src="/images/spacer.gif" width="1" height="100%"></td>
<td><img src="/images/spacer.gif" width="10" height="1"></td>

<td class="hpbodytext" width="440" height="100%" bgcolor="#FFFFFF">

<!-- BEGIN: BC Nav -->

<table border="0" cellspacing="0" cellpadding="0" width="440">

<tr>

<td class="bodytext" bgcolor="E1E1E1" height="27" align="right"><a class="bodytext" href="/index.html">Home</a> > <a class="bodytext" href="/support/index.html">Support</a> > <a class="bodytext" href="/support/knowledge/index.html">Knowledge Center</a> > Security Advisories<img src="/images/spacer.gif" width="4" height="1">
</td>
</tr>

</table>
<!-- END: BC Nav -->
<a class="contentheader">Security Advisory: Potential Compromise of Private Keys</a><br>
<p></p>
<P><B>Date:</B><BR>
May 17, 2004</P>
<P><B>Severity:</B><BR>
High</P>
<P><B>Description:</B><BR>
Some Blue Coat Systems products have a problem that can result in revealing the private key associated with an imported certificate.
<br>
<br>
Importing a private key through the web-based administrative interface (the management console) results in the private key and its pass-phrase being logged in cleartext on the device. Certain device configurations or administrator actions can result in this information being revealed outside the appliance.
<br>
<br>
Note that importing a private key via the command-line interface does not expose the private key - this problem is specific to the browser-based interface.
<br>
<br>
Customers using these products that have imported a private key through the web-based administrative interface should be aware that the key may have been compromised and are advised to generate a new key pair and certificate, and to replace the existing key pair/certificate with the new one. The existing certificate should be revoked; customers should contact their certificate authority for revocation requirements and procedures.
<br>
<br>
The new key should be imported via the command line interface if using one of the affected releases.
<br>
<br>

<P><B>Affected Systems:</B><BR>
SG 3.x
<br>
</p>
<br>
<p><b>Fixed in:</b><br>
SGOS 3.1.3.14: obtain patch release <A href="http://download.bluecoat.com/release/SGOS3/index.html">here</A><br>
SGOS 3.2.1.1: obtain patch release <A href="http://download.bluecoat.com/release/SGOS3/index.html">here</A><br>
</p>
<p><b>Additional Information:</b><br>

<a class="hpbodytextlink" href=""></a>
<br>

</p>

<P>
For more information, please contact the Blue Coat Support Department.</P>
<P>United States Domestic: 866.362.2628<BR>
Domestic/International Calls: 408.220.2270<BR>
Asia Pacific Rim: 81.3.5425.8492<BR>
Email:
<A href="mailto:support@bluecoat.com">support@bluecoat.com</A><BR>
<br>
</P>
</td>
<td><img src="/images/spacer.gif" width="10" height="1"></td>
<td width="1" height="100%" bgcolor="#6699CC"><img src="/images/spacer.gif" width="1" height="100%"></td>
</tr>
<tr>
<td colspan="5" valign="bottom" width="462" height="1" bgcolor="#6699CC"><img src="/images/spacer.gif" width="462" height="1"></td>
</tr>
</table>
</td>
</tr>
<!-- END: Main Content -->
<tr>
<td width="100%" height="3"><img src="/images/spacer.gif" height="3"></td>
</tr>
</table>
</td>
<td width="3" height="100%"><img src="/images/spacer.gif" width="3"></td>

<td width="161" height="100%">
<TABLE border="0" cellspacing="0" cellpadding="0" width="161">
<!-- BEGIN: Featured Solutions -->
<TR>
<TD colspan="5" valign="top" width="161" height="1" bgcolor="#6699CC"><IMG src="/images/spacer.gif" width="161" height="1"></TD>
</TR>
<TR valign="top">
<TD width="1" height="100%" bgcolor="#6699CC"><IMG src="/images/spacer.gif" width="1" height="100%"></TD>
<TD><IMG src="/images/spacer.gif" width="10" height="1"></TD>
<TD width="139" height="100%" bgcolor="#FFFFFF" align="left" class="bodytextfeat">
<P align="center" class="bodytextfeat"><IMG src="/images/spacer.gif" width="1" height="10"><BR>
<SCRIPT src ="http://www.nohold.net/Includes/funcs.js" ></SCRIPT>
<a href= "http://www.nohold.net/noHoldCust31/Prod_1/Articles54407/bc_launch_frames.html" target= "noHold" onClick="return launchkp();" ><IMG src="../../images/instant_support_logo.gif" width="90" height="76" border="0"></A>
<BR>
<IMG src="/images/spacer.gif" width="1" height="10">Use
our self-service portal for your technical support needs.<BR>
<IMG src="/images/spacer.gif" width="1" height="9">
</TD>
<TD><IMG src="/images/spacer.gif" width="10" height="1"></TD>
<TD width="1" height="100%" bgcolor="#6699CC"><IMG src="/images/spacer.gif" width="1" height="100%"></TD>
</TR>
<TR>
<TD colspan="5" valign="bottom" width="161" height="1" bgcolor="#6699CC"><IMG src="/images/spacer.gif" width="161" height="1"></TD>
</TR>
<TR>
<TD colspan="5" valign="bottom" width="1" height="3"><IMG src="/images/spacer.gif" width="1" height="3"></TD>
</TR>



<!-- END: Featured Solutions -->
</TABLE>
</td>
</tr>
</table>
</td>
</tr>
<!-- END: Content -->
<tr valign="bottom">
<td bgcolor="#FFFFFF"><img src="/images/spacer.gif" width="100%" height="3"></td>
</tr>
<!-- BEGIN: Footer -->
<tr>
<td>
<table border=0 cellpadding=0 cellspacing=0 width="100%">
<tr valign="middle">

<td bgcolor="#000066" width="100%" height="30">
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<tr>

<td class="persistantnav" align="center"><IMG src="/images/BCS-footer.gif" width="800" height="30"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<!-- END: Footer -->
</table>
</td>
</tr>
</table>


</body>

</html>
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close