Blue Coat ProxyAV Advisory on Sockstress TCP Attacks

Back to all Security AdvisoriesSubscribe
Security Advisories ID: 
SA38
Published Date: 
October 16, 2009
Advisory Status: 
Final
Advisory Severity: 
Low
Advisory Details: 

ProxyAV is based on Windows XP Embedded. According to Microsoft, this version of Windows XP Embedded is vulnerable, albeit with low severity; to CERT-FI/CVE-2008-4609 Windows XP-based systems are at a reduced risk as there is not the same possibility for remote code execution vs. other versions of Windows. Additionally, when ProxyAV is deployed according to Blue Coat best practices, there's a remote possibility for denial of service as it assumes that the appliance is Internet-facing and subjected the specific attack of specially-crafted TCP packets.