In association with heise online

26 January 2007, 10:08

Trend Micro for Linux enables root access

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A vulnerability in Trend Micro's InterScan VirusWall for Linux allows local users to obtain root privileges. The vendor is providing updates.

The vscan virus scanner uses the library, which is configured as setuid root. Extra-long command line parameters can cause a buffer overflow when vscan is launched. Attackers could then control the instruction pointer in order to execute arbitrary code, which would run with root privileges.

In the standard installation, only root and members of the iscan group can launch the scanner. However, administrators may expand these rights on systems with multiple users to allow more people to scan files. Trend Micro has provided an update for the flawed library, which should be installed by such administrators as quickly as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit