OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: snsadvlac.co.jp
Date: Thu Jun 07 2001 - 21:43:32 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    SNS Advisory No.29
    Trend Micro Virus Control System(VCS) Unauthenticated CGI Usage
    Vulnerability

    Problem first discovered: 25 May 2001
    Published: 7 Jun 2001
    Last Updated: 7 Jun 2001
    ----------------------------------------------------------------------

    Overview
    --------
    The vulnerability was found in a CGI program included in TrendMicro
    Virus Control System(VCS). It may be possible for a remote user to
    access administrative program and data without authentication.

    Problem
    -------

    VCS is a software package designed to operate and manage anti virus
    product included in gateways, file servers, groupwares and clients.

    In order to manage VCS, an administrator accesses with following URL.

    http://VCSServer/tvcs/EnterPassword.html

    Password for its administrator is required then normally. By calling
    a certain CGI program with unusual way, it is possible to change its
    configuration and view configuration files.

    Details can not be disclosed now because it has not been fixed yet
    and it will not be fixed immediately.

    Tested Version
    --------------
      Virus Control System(VCS) Ver.1.8 Japanese
      Virus Control System(VCS) Ver.1.8 English

    Tested OS
    ---------
      Windows 2000 Server Japanese
      Windows 2000 Server English

    Patch Information
    -----------------
    No patches are available now.
    Trend Micro support team responded that this problem will be fixed end
    of this year.

    Until the patch will be released, set up access control to refuse access
    to servers in which VCS is installed by non-administrative user.

    Discovered by
    -------------
            MIWA Nobuo (LAC / n-miwalac.co.jp)

    Disclaimer
    -----------
    All information in this advisories are subject to change without any
    advanced notices neither mutual consensus, and each of them is released
    as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences
    caused by applying those information.

    References
    ----------
    Archive of this advisory:
            http://www.lac.co.jp/security/english/snsadv_e/29_e.html

    SNS Advisory:
            http://www.lac.co.jp/security/english/snsadv_e/

    LAC:
            http://www.lac.co.jp/security/english/

    ------------------------------------------------------------------
    Secure Net Service(SNS) Security Advisory <snsadvlac.co.jp>
    Computer Security Laboratory, LAC http://www.lac.co.jp/security/