Trend Micro OfficeScan HTTP Request Buffer Overflow

High Nessus Network Monitor Plugin ID 4724

Synopsis

The remote host contains an application that is affected by a buffer overflow vulnerability.

Description

Trend Micro OfficeScan is installed on the remote host. The installed version is affected by a buffer overflow vulnerability. By sending a specially crafted HTTP request to the Trend Micro OfficeScan server CGI modules, it may be possible to trigger a stack-based buffer overflow. Successful exploitation of this issue may result in arbitrary code execution on the remote system.

Solution

Upgrade to:

- Trend Micro OfficeScan 7.3 Build 1374 or higher
- Trend Micro OfficeScan 8.0 Build 3110 or higher

See Also

http://www.nessus.org/u?9805a21c (v5.0 WFBS Build 1418)

http://www.nessus.org/u?2b7bfd4c (v7.3 Build 1374)

http://www.nessus.org/u?01759f7a (v8.0 Service Pack 1 Patch 1, Build 3110)

http://secunia.com/secunia_research/2008-40

Plugin Details

Severity: High

ID: 4724

File Name: 4724.prm

Family: Generic

Published: 2008/10/27

Modified: 2016/01/15

Nessus ID: 34490

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Exploitable With

CANVAS (D2ExploitPack)

Reference Information

CVE: CVE-2008-3862

BID: 31859

OSVDB: 49275