Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012
BID: 47618
OSVDB: 72095

Background

Blue Coat Authentication and Authorization Agent (BCAAA) is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain.

Problem

The BCAAA Windows Service is vulnerable to a stack-based buffer overflow. Sending a large buffer to TCP port 16102 causes a stack-based buffer overflow in the bcaaa-130.exe process. Successful exploitation of this vulnerability could lead to remote code execution with SYSTEM privileges.

Resolution

Apply relevant workarounds or patches as described in Blue Coat Security Advisory SA55.

References

http://secunia.com/advisories/44366

Limitations

Exploit works on Blue Coat Systems BCAAA 5.4.6.1.54128.

Platforms

Windows

Back to exploit index