Detections
Analytics
Trend Micro OfficeScan Server CGI Modules Multiple Vulnerabilities
critical Nessus Plugin ID 25625
Language:
Synopsis
The remote web server is affected by multiple vulnerabilities.Description
The remote host appears to be running Trend Micro OfficeScan Server or Client Server Messaging Security for SMB.The version of OfficeScan Server or Client Server Messaging Security for SMB installed on the remote host reportedly contains a buffer overflow issue that could allow a remote attacker to execute arbitrary code with the privileges of the web server user id, by default 'SYSTEM'.
It may also allow an attacker to bypass authentication with specially crafted HTTP headers and gain access to the application's Management Console.
Solution
Apply the appropriate security patch as per the vendor advisories.See Also
http://www.nessus.org/u?2393dcfb
http://www.nessus.org/u?8a2cc8dd
https://seclists.org/fulldisclosure/2007/Jul/318
https://seclists.org/fulldisclosure/2007/Jul/319
http://www.nessus.org/u?d24cbf16
http://www.nessus.org/u?60b18f77
http://www.nessus.org/u?0ed245af
http://www.nessus.org/u?f42dc93d
http://www.nessus.org/u?fae5a0b1
http://www.nessus.org/u?0ba8ef70
Plugin Details
Severity: Critical
ID: 25625
File Name: trendmicro_officescan_cgimodules_issues.nasl
Version: 1.25
Type: remote
Family: CGI abuses
Published: 6/29/2007
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:trend_micro:officescan
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Patch Publication Date: 6/26/2007
Vulnerability Publication Date: 6/27/2007
Reference Information
CVE: CVE-2007-3454, CVE-2007-3455