Trend Micro OfficeScan ofcscan.ini Configuration File Disclosure

medium Nessus Plugin ID 11074

Synopsis

The remote host has an application that is affected by an information disclosure vulnerability.

Description

The remote Trend Micro OfficeScan Corporate Edition (Japanese version: Virus Buster Corporate Edition) web-based management console allows unauthenticated access to files under '/officescan/hotdownload'.

Reading the configuration file 'ofcscan.ini' under that location will reveal information about the target. For example, it contains passwords that are encrypted using a weak algorithm.
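To check whether the exposed directory has already been read on a given server, the following added example (not part of the Nessus plugin or any vendor tooling) scans web server access logs for requests that were served a file under '/officescan/hotdownload'. It assumes logs in W3C extended format with a `#Fields:` directive; the function names and the sample log lines are constructed for illustration.

```python
from urllib.parse import unquote

# Directory named in the plugin description; compared case-insensitively.
EXPOSED_PREFIX = "/officescan/hotdownload/"

# Constructed sample log (not real traffic; addresses are documentation ranges).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2001-10-17 09:12:01 192.0.2.10 - GET /officescan/hotdownload/ofcscan.ini 200
2001-10-17 09:12:05 192.0.2.10 - GET /OfficeScan/HotDownload/OFCSCAN.INI 200
2001-10-17 09:13:40 198.51.100.7 - GET /officescan/hotdownload/ofcscan.ini 403
2001-10-17 09:15:11 192.0.2.44 - GET /officescan/console/index.htm 200
"""

def parse_w3c(text):
    """Yield one dict per request, using the column order from #Fields."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def find_exposed_reads(text):
    """Return requests that were served (2xx) a file under the exposed directory."""
    hits = []
    for rec in parse_w3c(text):
        stem = unquote(rec.get("cs-uri-stem", "")).lower()
        served = rec.get("sc-status", "").startswith("2")
        if stem.startswith(EXPOSED_PREFIX) and served:
            hits.append({
                "when": f'{rec.get("date", "?")} {rec.get("time", "?")}',
                "client": rec.get("c-ip", "?"),
                "file": stem[len(EXPOSED_PREFIX):],
                # "-" in cs-username means no authenticated user was logged
                "anonymous": rec.get("cs-username", "-") == "-",
                "config_file": stem.endswith("/ofcscan.ini"),
            })
    return hits

if __name__ == "__main__":
    for hit in find_exposed_reads(SAMPLE_LOG):
        print(hit)
```

Any hit with `config_file` set means the passwords stored in 'ofcscan.ini' should be treated as disclosed and changed once access to the directory is restricted.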

Solution

Contact the vendor for a fix.

See Also

http://www.nessus.org/u?f8bdd721

https://seclists.org/bugtraq/2001/Oct/102

Plugin Details

Severity: Medium

ID: 11074

File Name: officescan_disclosure.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 8/14/2002

Updated: 1/19/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2001-1151

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 10/16/2001

Reference Information

CVE: CVE-2001-1151

BID: 3438