Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

[SNS Advisory No.30] Trend Micro InterScan VirusWall for Windows NT 3.51 reconfiguration without authentication

From: SNS Advisory <snsadv () lac co jp>
Date: Tue, 12 Jun 2001 17:13:26 +0900
SNS Advisory No.30 
Trend Micro InterScan VirusWall for Windows NT 3.51 reconfiguration 
without authentication

Problem first discovered: 24 May 2001
Published: 12 Jun 2001 
Last Updated:12 Jun 2001 
-----------------------------------------------------------------------

Overview
---------
It is possible for a remote user to improperly gain access to admin 
functions of InterScan VirusWall for Windows NT.

Problem Description
--------------------
To change configurations via web browser, access to following URL: 

http://VirusWall/interscan/cgi-bin/interscan.dll 

Then, no authentication is required and any remote user can change
configuration setting.

Tested Version
---------------
InterScan VirusWall for Windows NT 3.51J Japanese
InterScan VirusWall for Windows NT 3.51 English

Tested OS
----------
Windows NT 4.0 Server SP6a [English Version] 
Windows NT 4.0 Server SP6a [Japanese Version] 

Patch Information
------------------
Trend Micro support team responded nothing. 

Until the patch will be released, set up access control to refuse access
to servers in which InterScan VirusWall is installed by non-administrative
user.

Discovered by
--------------
Nobuo Miwa (LAC / n-miwa () lac co jp)

Disclaimer
-----------
All information in this advisories are subject to change without any 
advanced notices neither mutual consensus, and each of them is released
as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences
caused by applying those information.

References
----------
Archive of this advisory:
        http://www.lac.co.jp/security/english/snsadv_e/30_e.html

SNS Advisory:
        http://www.lac.co.jp/security/english/snsadv_e/

LAC:
        http://www.lac.co.jp/security/english/

------------------------------------------------------------------
Secure Net Service(SNS) Security Advisory <snsadv () lac co jp>
Computer Security Laboratory, LAC  http://www.lac.co.jp/security/
Previous By Date Next
Previous By Thread Next

Current thread: