In association with heise online

03 March 2008, 12:10

Vulnerabilities in Trend Micro OfficeScan

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Multiple buffer overflows have been discovered in Trend Micro’s OfficeScan, the vendor's combined client-server virus protection product. The bugs can be exploited remotely to gain control over a system. They reside in various applications, including the web management console.

Excess length passwords can provoke an overflow in the cgiChkMasterPwd.exe file, allowing code injection and execution. The policy server (PolicyServer.exe) suffers from the same problem. For the bugs to be exploitable, the Trend Micro Policy Server for Cisco NAC must be installed, but this is the case in default installations. In addition, processing crafted HTTP content length fields can cause the service to crash.

The bugs were discovered in OfficeScan 7.3 with patch 3, build 1314. Other versions may also be vulnerable. An update is not yet available. The only workaround is to restrict network access to the system.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit