Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Trend Micro Interscan Viruswall Multiple Program Buffer Overflow Vulnerability

Trend Micro Interscan Viruswall Multiple Program Buffer Overflow Vulnerability

by phiber on April 15th, 2001 A problem with the software package could lead elevated privileges on the scanning system. The management interface used with the Interscan Viruswall uses several programs in a cgi directory that contain buffer overflows. Additionally, the http daemon used to execute these programs runs as root, and does not sufficiently control access to the programs, allowing a user to execute them directly.




Therefore, it is possible for a remote user to exploit buffer overflows in the cgi programs packaged with Interscan Viruswall, and execute arbitrary commands are root on the system hosting Viruswall.



Exploit:

You can exploit like this: http://server:1812/catinfo?4500xA


Solution:

Upgrade your version by visiting http://www.trend.com/support.


What is Interscan?:

Interscan Viruswall is a Virus scanning software package distributed and maintained by Trend Micro. It is designed to scan for virus occurances in both incoming and outgoing traffic via SMTP, FTP, and HTTP at the gateway of the network.



Credit for this vulnerability goes to:

Eeye Security


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »