Trend Micro InterScan Web Security Suite < 3.1 Build 1237 Multiple Flaws

Medium Nessus Plugin ID 35648


The remote host contains an application that is affected by multiple security bypass vulnerabilities.


Trend Micro InterScan Web Security Suite is installed on the remote host. The installed version fails to restrict non-admin accounts 'Auditor' and 'Report Only' from modifying system configurations even though these accounts do not have sufficient permissions.


Upgrade to Trend Micro InterScan Web Security Suite 3.1 Build 1237.

See Also

Plugin Details

Severity: Medium

ID: 35648

File Name: trendmicro_interscan_wss_security_bypass.nasl

Version: $Revision: 1.11 $

Type: local

Agent: windows

Family: Windows

Published: 2009/02/12

Modified: 2015/01/12

Dependencies: 17200, 10107, 13855

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:trend_micro:interscan_web_security_suite

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/02/04

Reference Information

CVE: CVE-2009-0613

BID: 33679

OSVDB: 51881

Secunia: 33867

CWE: 264