
Test ID: 1.3.6.1.4.1.25623.1.0.900220
Category: Buffer overflow
Title: Trend Micro OfficeScan Server cgiRecvFile.exe Buffer Overflow Vulnerability.
Summary: Trend Micro OfficeScan is prone to a buffer overflow vulnerability.
Description: Summary:
Trend Micro OfficeScan is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The flaw is due to an error in cgiRecvFile.exe that can be exploited
to cause a stack-based buffer overflow by sending a specially crafted
HTTP request with a long ComputerName parameter.

Vulnerability Impact:
Remote exploitation could allow execution of arbitrary code,
resulting in complete compromise of the system; a failed attempt leads to a denial-of-service condition.

Affected Software/OS:
Trend Micro OfficeScan Corporate Edition version 8.0

Trend Micro OfficeScan Corporate Edition versions 7.0 and 7.3

Trend Micro Client Server Messaging Security (CSM) for SMB versions 2.x and 3.x

Solution:
Partially fixed.

A fix is available for Trend Micro OfficeScan 8.0, 7.3 and Client Server Messaging Security (CSM) 3.6.
Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2008-2437
BugTraq ID: 31139
http://www.securityfocus.com/bid/31139
Bugtraq: 20080912 Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
http://www.securityfocus.com/archive/1/496281/100/0/threaded
http://secunia.com/secunia_research/2008-35/
http://www.securitytracker.com/id?1020860
http://secunia.com/advisories/31342
http://securityreason.com/securityalert/4263
http://www.vupen.com/english/advisories/2008/2555
XForce ISS Database: trendmicro-cgirecvfile-bo(45072)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45072
Copyright: Copyright (C) 2008 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.