Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

TrendMicro OfficeScan Multiple Vulnerabilities Vulnerability Scan


Vulnerability Scan Summary
Checks for OfficeScan stack overflows

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server is vulnerable to remote code execution.

Description :

The remote host appears to be running Trend Micro OfficeScan Server.

This version of OfficeScan is vulnerable to multiple stack overflows in
CGI programs which may allow a remote attacker to execute code in
the context of the remote server.

Note that OfficeScan server under Windows runs with SYSTEM rights,
which means a possible hacker can gain complete control of the affected host.

In addition, there is a format string vulnerability in the
'ATXCONSOLE.OCX' ActiveX Control that may allow for remote code
execution via malicious input to the console's Remote Client Install
name search as well as flaws that might allow for removal of the
OfficeScan client or arbitrary files from the remote host.

Solution :

TrendMicro has released 2 patches for OfficeScan 7.3:

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702
http://www.layereddefense.com/TREND01OCT.html

Threat Level:

High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.