CVE-2005-3654 : Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a d

Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of packets with 0xFF characters to the Telnet port (TCP 23), which corrupts the heap.

Published 2005-12-31 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute codeDenial of service

Products affected by CVE-2005-3654

Bluecoat » Webproxy » Version: 4.0 Update R1H
cpe:2.3:a:bluecoat:webproxy:4.0:r1h:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1K
cpe:2.3:a:bluecoat:webproxy:4.0:r1k:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.1 Update R1A
cpe:2.3:a:bluecoat:webproxy:5.1:r1a:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.1 Update R1D
cpe:2.3:a:bluecoat:webproxy:5.1:r1d:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1A
cpe:2.3:a:bluecoat:webproxy:4.0:r1a:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1M
cpe:2.3:a:bluecoat:webproxy:4.0:r1m:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1N
cpe:2.3:a:bluecoat:webproxy:4.0:r1n:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.1 Update R1E
cpe:2.3:a:bluecoat:webproxy:5.1:r1e:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.2 Update R1A
cpe:2.3:a:bluecoat:webproxy:5.2:r1a:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1E
cpe:2.3:a:bluecoat:webproxy:4.0:r1e:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1F
cpe:2.3:a:bluecoat:webproxy:4.0:r1f:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.0 Update R1B
cpe:2.3:a:bluecoat:webproxy:5.0:r1b:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.0 Update R1C
cpe:2.3:a:bluecoat:webproxy:5.0:r1c:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1B
cpe:2.3:a:bluecoat:webproxy:4.0:r1b:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1C
cpe:2.3:a:bluecoat:webproxy:4.0:r1c:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 4.0 Update R1P
cpe:2.3:a:bluecoat:webproxy:4.0:r1p:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 5.0 Update R1A
cpe:2.3:a:bluecoat:webproxy:5.0:r1a:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 6.0 Update R1A
cpe:2.3:a:bluecoat:webproxy:6.0:r1a:*:*:*:*:*:*
Matching versions
Bluecoat » Webproxy » Version: 6.0 Update R1C
cpe:2.3:a:bluecoat:webproxy:6.0:r1c:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-3654

EPSS FAQ

3.29%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 86 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-3654

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2005-3654

http://securitytracker.com/id?1015442

Patch
http://securityreason.com/securityalert/322
http://www.securityfocus.com/bid/16149
http://www.winproxy.com/products/relnotes.asp
http://secunia.com/advisories/18288

Patch;Vendor Advisory

CVEs referencing this url
http://www.vupen.com/english/advisories/2006/0065

CVEs referencing this url
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=365

Patch;Vendor Advisory

Jump to

Vulnerability Details : CVE-2005-3654

Products affected by CVE-2005-3654

Exploit prediction scoring system (EPSS) score for CVE-2005-3654

CVSS scores for CVE-2005-3654

References for CVE-2005-3654