Title: Blue Coat Multiple Product DNS Query ID Field Prediction Cache Poisoning
Jul 14, 2008
Blue Coat products contain a flaw that may allow a malicious user to poison a recursive DNS cache. The issue is triggered by a weakness in the algorithm used to generate random DNS transaction IDs, which, combined with a static source port for all DNS queries, can allow an attacker to spoof a DNS response packet. This may allow a remote attacker to poison a DNS cache, resulting in a loss of integrity.
Remote / Network Access
Loss of Integrity
Blue Coat has released several patches to address this vulnerability.
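To confirm that a patched device no longer shows the two conditions described above, capture its outbound DNS queries and measure how much the source port and transaction ID vary. The following is an added example, not code from Blue Coat or the original advisory; the function name, thresholds and sample data are assumptions, and the constant-step test is one simple predictability check, not a description of the specific Blue Coat weakness.

```python
import math
from collections import Counter


def assess_queries(samples, min_samples=3):
    """Assess (source_port, txid) pairs seen on a resolver's outbound queries.

    Returns the number of distinct source ports, the bits of port variability
    actually observed, the share of the most common TXID step, and findings.
    """
    if len(samples) < min_samples:
        raise ValueError("need at least %d samples" % min_samples)
    ports = [port for port, _ in samples]
    txids = [txid for _, txid in samples]

    distinct_ports = len(set(ports))
    # Step between consecutive 16-bit TXIDs. One dominant step means a
    # counter-like generator (an assumed, simple form of predictability).
    steps = Counter((b - a) % 65536 for a, b in zip(txids, txids[1:]))
    top_step_share = steps.most_common(1)[0][1] / (len(txids) - 1)

    findings = []
    if distinct_ports == 1:
        # Every query left from the same port: a forged reply only has to
        # match the 16-bit transaction ID.
        findings.append("static-source-port")
    if top_step_share >= 0.5:
        findings.append("predictable-txid")
    return {
        "distinct_ports": distinct_ports,
        "observed_port_bits": math.log2(distinct_ports),
        "top_step_share": top_step_share,
        "findings": findings,
    }


# Constructed samples for illustration, not captured from any real product.
UNPATCHED_LIKE = [(53000, 100), (53000, 101), (53000, 102),
                  (53000, 103), (53000, 104)]
PATCHED_LIKE = [(40123, 0x1A2B), (51877, 0xC001), (33012, 0x7F10),
                (60444, 0x0312), (45001, 0x9ABC)]

if __name__ == "__main__":
    for name, data in (("unpatched-like", UNPATCHED_LIKE),
                       ("patched-like", PATCHED_LIKE)):
        print(name, assess_queries(data))
```

In practice the samples would come from a packet capture on the device's upstream interface, and a few hundred queries give a far more reliable picture than five.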