TrendMicro security bypass
Secunia Advisory: SA7881
Release Date: 2003-01-16
Last Update: 2003-01-23

Critical: Moderately critical
Impact: Security Bypass
Exposure of system information
DoS
Where: From remote
Solution Status: Unpatched

Software: Trend Micro OfficeScan Corporate Edition 3.x
Trend Micro ScanMail for Microsoft Exchange 3.x


Description:
Four different vulnerabilities have been identified in older TrendMicro products.

TrendMicro Officescan password bypass
Certain scripts in /officescan/cgi are not protected with passwords, one being cgiMasterPwd.exe. This allows a malicious user to create new passwords for the Officescan management page.

TrendMicro Virus Control System memory exhausting
Each request for /tvcs/activesupport.exe consumes 2.5 MB of memory, and it takes up to 5 minutes before the process terminates and frees the memory.

TrendMicro Scanmail password bypass
This has been called a "backdoor": a request for /smg_Smxcfg30.exe?vcc=3560121183d3 is not prompted for a password.

TrendMicro Virus Control System log collector
Request /tvcs/getservers.exe?action=selects1
Follow steps 2-4 and download a zip file containing the TVCS password and the service username and password.

Solution:
It is recommended to upgrade to newer versions that are not affected by these vulnerabilities.

We recommend that you implement an extra level of filtering, so that access to these administrative services is only possible from specific IP addresses.

Workaround for Officescan password bypass
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353

Workaround for Scanmail password bypass
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352

Users of Trendmicro Virus Control System should upgrade to Trend Micro Control Manager.
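
To check whether the recommended IP filtering is actually holding, the following Python script (an added example, not part of the Secunia advisory or any Trend Micro tooling) audits a web server access log for requests to the administrative paths named above that come from outside an allowlisted subnet, and estimates the worst-case memory held by activesupport.exe requests using the advisory's figures of 2.5 MB and 5 minutes. The log layout, the management subnet and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Paths named in the advisory, lower-cased so matching is case-insensitive.
ADMIN_PATHS = ("/officescan/cgi/", "/tvcs/activesupport.exe",
               "/tvcs/getservers.exe", "/smg_smxcfg30.exe")
# Assumption: the management subnet allowed to reach these services.
ALLOWED = [ipaddress.ip_network("10.0.5.0/24")]
MB_PER_REQUEST, HOLD = 2.5, timedelta(minutes=5)  # figures from the advisory

# Constructed sample log (assumed W3C-style field order, see #Fields line).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2003-01-20 09:00:01 10.0.5.17 GET /officescan/cgi/cgiMasterPwd.exe 200
2003-01-20 09:02:10 192.0.2.44 GET /officescan/cgi/cgiMasterPwd.exe 200
2003-01-20 09:03:00 192.0.2.44 GET /tvcs/activesupport.exe 200
2003-01-20 09:03:30 192.0.2.44 GET /TVCS/ActiveSupport.exe 200
2003-01-20 09:04:00 192.0.2.44 GET /tvcs/activesupport.exe 200
2003-01-20 09:10:00 192.0.2.44 GET /tvcs/activesupport.exe 200
2003-01-20 09:11:00 198.51.100.9 GET /index.html 200
"""

def parse(log):
    """Yield (timestamp, client_ip, lower-cased uri_stem) per data line."""
    for line in log.splitlines():
        if not line or line.startswith("#"):
            continue
        date, time, ip, _method, stem, _status = line.split()
        yield datetime.fromisoformat(f"{date} {time}"), ip, stem.lower()

def audit(log, allowed=ALLOWED):
    """Return (admin hits from outside the allowlist, peak MB held per client)."""
    outside, support = [], defaultdict(list)
    for ts, ip, stem in parse(log):
        if not stem.startswith(ADMIN_PATHS):
            continue
        if not any(ipaddress.ip_address(ip) in net for net in allowed):
            outside.append((ts, ip, stem))
        if stem == "/tvcs/activesupport.exe":
            support[ip].append(ts)
    peak_mb = {}
    for ip, times in support.items():
        # Worst case: every request holds its memory for the full 5 minutes.
        peak = max(sum(1 for u in times if t - HOLD < u <= t) for t in times)
        peak_mb[ip] = peak * MB_PER_REQUEST
    return outside, peak_mb
```

Any entry in the first return value means the filter is missing or misconfigured for that path; the second value shows which clients are driving memory use on the Virus Control System host.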

Provided and/or discovered by:
Rod Boron



About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  