Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: Patch for InterScan VirusWall for Unix now available

Re: Patch for InterScan VirusWall for Unix now available

The Unicorn (unicornBLACKHATS.ORG)
Fri, 26 Feb 1999 23:21:49 +0100

On Thu, Feb 25, 1999 at 12:28:46PM -0800, Bob Li wrote:
> We have been recently notified about  a potential security hole in our
> InterScan  Web  VirusWall  for  Solaris  product  via  the  "BlackHats
> Security Advisory".  The potential problem described  relates to being
> able to download binaries and virus infected files by using HTTP proxy
> "keep-alive" connections.
>
> We have looked into the description of the problem and have identified
> that  there  was  a  problem  with  the  software.  As  a  result,  we
> are  issuing  a patch  which  can  be  obtained  from Trend  Micro  at
> http://www.antivirus.com to resolve the problem.

We have  received an  early release  of this  fix and  tested it  in our
configuration after which we were unable to use our exploit as described
in  our  earlier advisory.  The  fix  disables HTTP  proxy  "keep-alive"
messages, thus ensuring  that only the data of the  first GET command in
the message is returned.

> This issue applies to InterScan for  Solaris and HP-UX. The Windows NT
> version of InterScan does not have this problem.
>
> Bob Li
> Product Manager
> Trend Micro, Inc.
> E-Mail: bob_litrendmicro.com
> Phone: 408-863-6341
---end quoted text---

Ciao,
Unicorn.
--
======= _ __,;;;/ TimeWaster ================================================
     ,;( )_, )~\| A Truly Wise Man Never Plays
    ;; //  `--;     Leapfrog With A Unicorn...
==='= ;\ = | ==== Youth is Not a Time in Life, It is a State of Mind! =======
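
Added example, not part of the original post or of Trend Micro's patch: one way to check from the client side that a proxy no longer offers persistent connections, which is the behaviour the reply above attributes to the fix. It assumes the proxy signals persistence through the standard HTTP `Connection` / `Proxy-Connection` headers; the function names and the sample responses are constructed for illustration and are not InterScan output.

```python
# Added example: decide from a proxy's raw response head whether the
# connection stays open for a second request. Sample data is constructed.

def parse_head(raw: bytes):
    """Split a raw HTTP response into (version, status, headers)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise ValueError("not an HTTP status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            continue  # skip malformed header lines
        key = name.strip().lower()
        # Fold repeated headers into one comma-separated value
        headers[key] = ", ".join(filter(None, [headers.get(key), value.strip()]))
    return parts[0], int(parts[1]), headers


def connection_persists(raw: bytes) -> bool:
    """True if this response leaves the connection open for another request."""
    version, status, headers = parse_head(raw)
    tokens = set()
    for name in ("connection", "proxy-connection"):
        for tok in headers.get(name, "").split(","):
            if tok.strip():
                tokens.add(tok.strip().lower())
    if "close" in tokens:
        return False
    # A body with no length framing runs until the server closes the socket
    framed = ("content-length" in headers
              or "chunked" in headers.get("transfer-encoding", "").lower())
    bodyless = status in (204, 304) or 100 <= status < 200
    if not (framed or bodyless):
        return False
    if "keep-alive" in tokens:
        return True
    # No explicit token: HTTP/1.1 persists by default, HTTP/1.0 does not
    return version == "HTTP/1.1"


# Constructed sample responses (not captured from any product)
SAMPLE_KEEPALIVE = (b"HTTP/1.0 200 OK\r\nContent-Length: 5\r\n"
                    b"Proxy-Connection: Keep-Alive\r\n\r\nhello")
SAMPLE_CLOSE = (b"HTTP/1.0 200 OK\r\nContent-Length: 5\r\n"
                b"Proxy-Connection: close\r\n\r\nhello")
```

A proxy with keep-alive disabled should yield False for every response it returns, whichever HTTP version the client speaks.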