Trend Micro OfficeScan 'cgiRecvFile.exe' Buffer Overflow

2008-09-1700:00:00

Tenable

www.tenable.com

JSON

Trend Micro OfficeScan or Client Server Messaging Security is installed on the remote host. The installed version is affected by a buffer overflow vulnerability. By setting the parameter ‘ComputerName’ to a very long string in a specially crafted HTTP request, a malicious user within the local network may be able to trigger a stack-based overflow in ‘cgiRecvFile.exe’. Exploitation of this issue requires manipulation of the parameters ‘TempFileName’, ‘NewFileSize’, and ‘Verify’ and, if successful, would result in arbitrary code execution on the remote system.

Binary data 4684.prm

VendorProductVersionCPE
trend_microofficescancpe:/a:trend_micro:officescan

Vendor	Product	Version	CPE
trend_micro	officescan		cpe:/a:trend_micro:officescan

References

Build 2424)

Build 3060)

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2437

secunia.com/secunia_research/2008-35

www.nessus.org/u?181dece3 (v8.0 Build 1361)

www.nessus.org/u?46ebb3f9 (v8.0 Service Pack 1 Patch 1

www.nessus.org/u?4cf6e9b8 (v7.6/v3.6 CSM Build 1195)

www.nessus.org/u?e96b6aa1 (v8.0 Service Pack 1

www.nessus.org/u?f0629899 (v7.3 Build 1367)

JSON