|
Family: CGI abuses --> Category: attack
TrendMicro OfficeScan Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for OfficeScan stack overflows
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is vulnerable to remote code execution.
Description :
The remote host appears to be running Trend Micro OfficeScan Server.
This version of OfficeScan is vulnerable to multiple stack overflows in
CGI programs which may allow a remote attacker to execute code in
the context of the remote server.
Note that OfficeScan server under Windows runs with SYSTEM rights,
which means a possible hacker can gain complete control of the affected host.
In addition, there is a format string vulnerability in the
'ATXCONSOLE.OCX' ActiveX Control that may allow for remote code
execution via malicious input to the console's Remote Client Install
name search as well as flaws that might allow for removal of the
OfficeScan client or arbitrary files from the remote host.
Solution :
TrendMicro has released 2 patches for OfficeScan 7.3:
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031753
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1031702
http://www.layereddefense.com/TREND01OCT.html
Threat Level:
High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|