Update Protection against Trend Micro OfficeScan CGI Password Decryption Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-128 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA29124 | |
| Industry Reference(s): | CVE-2008-1366 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Trend Micro OfficeScan Corporate Edition 7.3 Patch 3 Build 1314 and prior Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 Build 1189 and prior | ||
| Vulnerability Description A buffer overflow vulnerability exists in Trend Micro OfficeScan. Trend Micro OfficeScan is a centralized virus and security scan management system. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system. Successful exploitation may allow the attacker to take complete control of the affected system. |
||
|
Update/Patch Available Apply patches: OfficeScan 6.5 OfficeScan 7.0 OfficeScan 7.3 |
|
|
Vulnerability Details The vulnerability is due to a boundary error in the Trend Micro OfficeScan Policy server that fails to properly handle HTTP requests. An attacker might trigger this flaw by specially crafting a malicious HTTP request and sending it to the target server. Successful exploitation of this issue will allow the attacker to execute arbitrary code on the vulnerable system. |
Protection Overview
By enabling this protection, IPS-1 will detect and block the malformed HTTP requests.
In order for the protection to be activated, update your product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.