|
|
Family: CGI abuses --> Category: attack
TrendMicro ControlManager Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for ControlManager version
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is vulnerable to remote code execution.
Description :
The remote host appears to be running Trend Micro ControlManager.
The version of ControlManager is vulnerable to a buffer overrun in CGI
programs which may allow a remote attacker to execute code in the
context of ControlManager. This version is also vulnerable to a
denial of service (DoS) attack in the way it handles ISAPI requests.
Note that ControlManager under Windows runs with SYSTEM rights,
which means a possible hacker can gain complete control of the affected
host.
See also :
http://www.trendmicro.com/download/product.asp?productid=7
Solution :
Apply TrendMicro Service Pack 5 for ControlManager 3.0.
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
