
Trend InterScan VirusWall Remote Reconfiguration Vulnerability

by platon on June 6th, 2001

InterScan VirusWall is a virus-scanning software package distributed and maintained by Trend Micro. It is designed to scan for virus occurrences in both incoming and outgoing traffic via SMTP, FTP, and HTTP at the gateway of the network...


The management interface of InterScan VirusWall uses several programs in a CGI directory that may allow a remote attacker to make configuration changes by submitting maliciously constructed query strings to the host.

Examples:

http://target/interscan/cgi-bin/FtpSave.dll?no

http://target/interscan/cgi-bin/FtpSave.dll?yes

http://target/interscan/cgi-bin/FtpSave.dll?I'm%20here

There are currently no patches available.

Trend Micro's support team has said that this problem will be fixed in Version 5.0. They also reported that the patched version will be released in July 2001.

Until the patch is released, the workaround is to place systems running this software on restricted networks (i.e., use a firewall, use the access control features of the web server).
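One way to check whether the restriction is holding, as an added example that is not part of the original advisory: the script scans web server access logs for requests to the management CGI path from sources outside the admin network. The log format (Common Log Format), the admin network `10.0.5.0/24` and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: management workstations live in this network; adjust as needed.
ADMIN_NETS = [ipaddress.ip_network("10.0.5.0/24")]
# Path prefix taken from the example URLs in the advisory.
MGMT_PREFIX = "/interscan/cgi-bin/"
# Common Log Format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def find_unauthorized(lines, admin_nets=ADMIN_NETS):
    """Return (source, time, path, query, status) for management CGI requests from outside admin_nets."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue
        src, when, _method, target, status = m.groups()
        raw_path, _, query = target.partition("?")
        # Normalise percent-encoding, repeated slashes and case before matching.
        path = re.sub(r"/+", "/", unquote(raw_path)).lower()
        if not path.startswith(MGMT_PREFIX):
            continue
        try:
            addr = ipaddress.ip_address(src)
            trusted = any(addr in net for net in admin_nets)
        except ValueError:
            trusted = False  # logged hostname cannot be matched to the allowlist
        if not trusted:
            hits.append((src, when, path, query, int(status)))
    return hits

# Constructed sample log lines (not from a real system).
SAMPLE = [
    '10.0.5.12 - admin [24/May/2001:10:01:00 +0000] "GET /interscan/cgi-bin/FtpSave.dll?yes HTTP/1.0" 200 512',
    '192.0.2.44 - - [24/May/2001:10:02:13 +0000] "GET /interscan/cgi-bin/FtpSave.dll?no HTTP/1.0" 200 512',
    '192.0.2.44 - - [24/May/2001:10:02:20 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '198.51.100.7 - - [24/May/2001:10:05:41 +0000] "GET /InterScan/cgi-bin/FtpSave.dll?I\'m%20here HTTP/1.0" 403 0',
]

if __name__ == "__main__":
    for hit in find_unauthorized(SAMPLE):
        # A 2xx status from an outside source means the request reached the CGI.
        print(hit)
```

A hit with a 403 status indicates the web server's access control rejected the request; a hit with a 200 status means the configuration should be reviewed for unintended changes.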

Reported to bugtraq by [email protected] on May 24, 2001.

