Category:   Application (Security)  >   Trend Micro OfficeScan
Vendors:   Trend Micro
Trend Micro Office Scan Has Remote Web Management CGI That Lets Remote Users View Arbitrary Files on the Server
SecurityTracker Alert ID:  1002259
SecurityTracker URL:  http://securitytracker.com/id/1002259
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Aug 25 2001
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): OfficeScan Corp Edition Version 3.54
Description:   Secure Net Service reported a vulnerability in Trend Micro's Office Scan that allows remote users to view files on the system.

The cgiWebupdate.exe program, used for remote management, reportedly contains a vulnerability that allows remote users to read arbitrary files with IUSER privileges.

Impact:   A remote user can view any IUSER-readable files on the system.
Solution:   The vendor has released a patch. The same vulnerability exists in the Japanese version of this product and there is a Japanese version of a patch for this vulnerability which can reportedly be applied to this Office Scan product. The patch is reportedly available at:

http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=3086

Vendor URL:  www.antivirus.com
Cause:   Access control error, Input validation error
Underlying OS:  Windows (2000)
Underlying OS Comments:  tested on Windows 2000 Server

Message History:   None.


 Source Message Contents

Subject:  [SNS Advisory No.40] TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability


----------------------------------------------------------------------
SNS Advisory No.40
TrendMicro OfficeScan Corp Edition ver.3.54 Remote read file of IUSER authority Vulnerability

Problem first discovered: 21 Aug 2001
Published: Fri, 24 Aug 2001
----------------------------------------------------------------------

Overview
--------
Trend Micro OfficeScan Corp Edition ver.3.54 contains a vulnerability which allows attackers to read arbitrary files with IUSER privilege.


Problem Description 
-------------------
Trend Micro OfficeScan Corp Edition is an antivirus software for
enterprise use. It provides central virus reporting, automatic virus
pattern updates, and Web-based remote management console. A
vulnerability lies in cgiWebupdate.exe, which is one of the CGI programs
and is used for remote management. This problem can allow remote users
to read arbitrary files with IUSER privilege.


Tested Version 
--------------
Trend Micro OfficeScan Corp Edition Version 3.54

Tested OS
---------
Windows 2000 Server

Patch Information
-----------------
The same vulnerability exists in the Japanese version. There is a
Japanese version of a patch for this vulnerability, which can be
applied to any other version. The patch is available from the
following site:

 http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=3086

Discovered by:
--------------
Nobuo Miwa (LAC / n-miwa@lac.co.jp)

Disclaimer:
-----------
All information in these advisories are subject to change without any 
advanced notices neither mutual consensus, and each of them is released
as it is. LAC Co., Ltd. is not responsible for any risks of occurrences
caused by applying those information.

References
----------
Archive of this advisory(in preparation now):
	http://www.lac.co.jp/security/english/snsadv_e/40_e.html

------------------------------------------------------------------
Secure Net Service(SNS) Security Advisory <snsadv@lac.co.jp>
Computer Security Laboratory, LAC  http://www.lac.co.jp/security/

 
 

