Trend Micro OfficeScan Multiple CGI Module Vulnerabilities

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by multiple
vulnerabilities.

Description :

The remote host is running either Worry-Free Business Security or
Trend Micro OfficeScan / the Trend Micro OfficeScan client. The installed
version is affected by multiple vulnerabilities :

- If Trend Micro OfficeScan client 'Tmlisten.exe' is
configured to receive updates from other clients, it
may be possible to launch a directory traversal attack
against the remote host, and read arbitrary files.

- A vulnerability in Trend Micro OfficeScan server CGI
modules could be exploited to trigger a buffer overflow
issue and execute arbitrary code on the remote system
with web server privileges.

- A NULL pointer dereference issue could be exploited to
trigger a denial of service condition on the remote
system.

See also :

http://secunia.com/secunia_research/2008-39/
http://www.nessus.org/u?14a47516
http://www.nessus.org/u?b5493c8c
http://www.nessus.org/u?c957bae3
http://www.nessus.org/u?cabe4087

Solution :

Upgrade to :

- Trend Micro OfficeScan 7.3 Build 1372.
- Trend Micro OfficeScan 8.0 Build 2439/3087
depending on the current OfficeScan patch level.
- Worry-Free Business Security 5.0 Build 1414.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 34363

Bugtraq ID: 31531

CVE ID: CVE-2008-2439, CVE-2008-4402, CVE-2008-4403
