Trend Micro for Linux enables root access
A vulnerability in Trend Micro's InterScan VirusWall for Linux allows local users to obtain root privileges. The vendor is providing updates.
The vscan virus scanner uses the libvsapi.so library, which is configured as setuid root. Extra-long command line parameters can cause a buffer overflow when vscan is launched. Attackers could then control the instruction pointer in order to execute arbitrary code, which would run with root privileges.
In the standard installation, only root and members of the iscan group can launch the scanner. However, administrators may expand these rights on systems with multiple users to allow more people to scan files. Trend Micro has provided an update for the flawed library, which should be installed by such administrators as quickly as possible.
- Buffer overflow in VSAPI library of Trend Micro VirusWall 3.81 for Linux, security advisory at Full Disclosure
- Segmentation fault in Trend Micro InterScan VirusWall (ISVW) 3.81 for Linux virus scan tool, security advisory and update from Trend Micro