Bugtraq mailing list archives
Trend Micro release patch for "OfficeScan DoS & Message Replay" V ulnerabilies
From: Richard_Sheng () TRENDMICRO COM (Richard Sheng)
Date: Thu, 16 Mar 2000 14:46:55 -0800
Patch Available for "OfficeScan DoS & Message Replay" Vulnerability Posted: March 16, 2000 Summary ======= Trend Micro has released a new version of OfficeScan Corporate Edition - version 3.51 - that eliminates two security vulnerabilities found on previous versions. Previous versions of OfficeScan allow intruders within a firewall to initiate a DoS attack on the OfficeScan client (tmlisten.exe) as well as to capture OfficeScan commands. These commands can be replayed and used to change other OfficeScan client configurations. Issues ====== Trend OfficeScan version 3.5 or earlier versions perform incomplete parsing and buffer overflow checking in its Windows NT client. If a malicious user, has the ability to telnet and submit some form of message to the OfficeScan NT client, OfficeScan service consumes 100% CPU processing power. In addition, communication between the OfficeScan server and client was established with insufficient encryption and authentication, which allows a malicious user to sniff and replay OfficeScan commands. Implementation ============== Trend Micro has corrected the DoS attack issue by correctly parsing and handling commands or arbitrary messages sent to the OfficeScan client. Trend Micro has implemented MD5 Message-Digest Algorithm to ensure that the commands between the server and the clients can not be decrypted or captured to be replayed to other clients. For details about the MD5 encryption algorithm see: http://theory.lcs.mit.edu/~rivest/rfc1321.txt Affected Software Versions ========================== Trend OfficeScan Corporate Edition 3.0 Trend OfficeScan Corporate Edition 3.11 Trend OfficeScan Corporate Edition 3.13 Trend OfficeScan Corporate Edition 3.5 Trend OfficeScan for Microsoft SBS 4.5 Patch Availability ================== - http://www.antivirus.com/download/ofce_patch.htm More Information ============ Please see the following references for more information related to this issue. - Trend Micro Security Bulletin: http://www.antivirus.com/download/ofce_patch_35.htm - Frequently Asked Questions: Trend Micro Knowledge Base http://solutionbank.antivirus.com/solutions/faqResult.asp?product=8 Obtaining Support on this Issue =============================== This is a fully supported release. Information on contacting Trend Micro Technical Support is available at http://www.trend.com/support/default.htm Acknowledgements ================ Trend Micro thanks Gregory Duchemin http://www.securite-internet.com and Jeff Stevens http://www.umeme.maine.edu for reporting the DoS and Message Replay vulnerability to us, and working with us to protect our customers. ==================== Richard Sheng Product Manager Trend Micro, Inc. http://www.antivirus.com 408-257-1500 =======================
Current thread:
- Re: Exploit for Mandrake 6.1 (PAM/userhelper bug), (continued)
- Re: Exploit for Mandrake 6.1 (PAM/userhelper bug) Matt Davis (Mar 17)
- Re: Exploit for Mandrake 6.1 (PAM/userhelper bug) Jeremy Gault (Mar 21)
- Oracle Web Listener 4.0.x Cerberus Security Team (Mar 14)
- Re: Advisory Update: ServerIron TCP/IP predictability fixed H D Moore (Mar 14)
- Re: Advisory Update: ServerIron TCP/IP predictability fixed Max Vision (Mar 16)
- FreeBSD Security Advisory: FreeBSD-SA-00:07.mh [REVISED] FreeBSD Security Officer (Mar 19)
- Bypassing IP filters in Bordermanager 3.5 Roy Sigurd Karlsbakk (Mar 15)
- Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0 for Windows 98/NT Vulnerability Ussr Labs (Mar 15)
- Certificate Validation Error in Netscape Browsers... Dennis W. Mattison (Little Wolf) (Mar 15)
- TESO & C-Skills development advisory -- kreatecd Sebastian (Mar 16)
- Trend Micro release patch for "OfficeScan DoS & Message Replay" V ulnerabilies Richard Sheng (Mar 16)
- Re: TESO advisory -- wmcdplay Wichert Akkerman (Mar 13)