Trend Micro OfficeScan Client Traversal Arbitrary File Access

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

The remote web server is affected by a directory traversal issue.

Description :

The version of Trend Micro OfficeScan client running on the remote
host is affected by a directory traversal issue that can be
leveraged by an unauthenticated, remote attacker to read arbitrary
files on the remote host.

Note that successful exploitation requires that 'Tmlisten.exe' be
configured to receive updates from other clients.

See also :

http://secunia.com/secunia_research/2008-39/
http://www.nessus.org/u?14a47516
http://www.nessus.org/u?b5493c8c
http://www.nessus.org/u?c957bae3
http://www.nessus.org/u?cabe4087

Solution :

Upgrade to :

- Trend Micro OfficeScan 7.3 Build 3172.
- Trend Micro OfficeScan 8.0 Build 2439/3087,
  depending on the current OfficeScan patch level.
- Worry-Free Business Security 5.0 Build 1414.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Web Servers

Nessus Plugin ID: 34362

Bugtraq ID: 31531

CVE ID: CVE-2008-2439