Two holes in Trend Micro’s OfficeScan Corporate Edition
Trend Micro has released an update for the company’s OfficeScan Corporate Edition 8.0 to close two security holes in its OfficeScan Server product. OfficeScan Server distributes the software and all updates to the clients.
A buffer overflow in the CGI module (CGIOCommon.dll) can be exploited to inject arbitrary code when crafted HTTP requests are handled, and to execute the code with web server privileges. An attacker may also exploit a bug in the authentication service (cgiChkMasterPwd.exe) of the OfficeScan Management Console to bypass authentication merely by sending packets with manipulated HTTP headers to the server. The update (Build 1024) replaces the defective modules with updated versions. According to the vendor’s advisory, the new CGI module resets the stored user log-on information.
- Trend Micro OfficeScan Corporate Edition 8.0, Security Patch - Build 1042 CGI modules, advisory by Trend Micro
(mba)