Trend Micro OfficeScan Client Firewall Multiple Vulnerabilities

high Nessus Plugin ID 35451

Synopsis

The remote host contains an application that is affected by multiple vulnerabilities.

Description

The remote host is either running Trend Micro OfficeScan or Trend Micro OfficeScan Client. The installed version is affected by multiple vulnerabilities :

- A vulnerability in 'ApiThread()' function could allow a malicious local user to execute arbitrary code with SYSTEM privileges by sending specially crafted packets to the OfficeScan NT Firewall service (TmPfw.exe) listening on TCP port 40000 by default.

- A vulnerability in 'ApiThread()' function could allow a malicious local user to crash the OfficeScan NT Firewall service (TmPfw.exe) by sending specially crafted packets to its default TCP port 40000.

- By sending specially crafted packets to the OfficeScan NT Firewall service (TmPfw.exe) on its default TCP port 40000 it may be possible for a local user to modify firewall configuration without any authentication.

Solution

Upgrade to Trend Micro OfficeScan 8.0 SP1 Patch 1 and apply patch 3191.

See Also

https://secuniaresearch.flexerasoftware.com/secunia_research/2008-42

https://secuniaresearch.flexerasoftware.com/secunia_research/2008-43

http://www.nessus.org/u?aac27224

Plugin Details

Severity: High

ID: 35451

File Name: trendmicro_officescan_nsc_module_multiple_vuln.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 1/23/2009

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:trend_micro:officescan

Exploit Ease: No known exploits are available

Patch Publication Date: 1/18/2009

Reference Information

CVE: CVE-2008-3864, CVE-2008-3865, CVE-2008-3866

BID: 33358

CWE: 119, 20, 287

Secunia: 33609