Detections
Analytics
Trend Micro OfficeScan Multiple CGI Module Vulnerabilities
high Nessus Plugin ID 34363
Synopsis
The remote host contains an application that is affected by multiple vulnerabilities.Description
The remote host is either running Worry-Free Business Security or Trend Micro OfficeScan/Trend Micro OfficeScan client. The installed version is affected by multiple vulnerabilities :- If Trend Micro OfficeScan client 'Tmlisten.exe' is configured to receive updates from other clients, it may be possible to launch a directory traversal attack against the remote host, and read arbitrary files.
- A vulnerability in Trend Micro OfficeScan server CGI modules could be exploited to trigger a buffer overflow issue and execute arbitrary code on the remote system with web server privileges.
- A NULL pointer dereference issue could be exploited to trigger a denial of service condition on the remote system.
Solution
Upgrade to :- Trend Micro OfficeScan 7.3 Build 1372.
- Trend Micro OfficeScan 8.0 Build 2439/3087 depending on the current OfficeScan patch level.
- Worry-Free Business Security 5.0 Build 1414.
See Also
http://www.nessus.org/u?b5493c8c
http://www.nessus.org/u?c957bae3
http://www.nessus.org/u?cabe4087
https://secuniaresearch.flexerasoftware.com/secunia_research/2008-39/
Plugin Details
Severity: High
ID: 34363
File Name: trendmicro_officescan_multiple_vulns.nasl
Version: 1.22
Type: local
Agent: windows
Family: Windows
Published: 10/8/2008
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:trend_micro:officescan
Exploit Ease: No known exploits are available
Patch Publication Date: 9/30/2008
Reference Information
CVE: CVE-2008-2439, CVE-2008-4402, CVE-2008-4403
BID: 31531