CVE-2006-0642
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
83.0%
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of “Do not scan compressed files when Extracted file count exceeds 500 files,” which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trend_micro | interscan_messaging_security_suite | * | cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:*:*:*:*:*:* |
| trend_micro | interscan_web_security_suite | * | cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:*:*:*:*:*:* |
| trend_micro | serverprotect | 5.58 | cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:* |
References
www.packetstormsecurity.org/0602-advisories/Bypass.pdf
www.packetstormsecurity.org/filedesc/Bypass.pdf.html
www.securityfocus.com/archive/1/423896/100/0/threaded
www.securityfocus.com/archive/1/423913/100/0/threaded
www.securityfocus.com/archive/1/423914/100/0/threaded
www.securityfocus.com/archive/1/424172/100/0/threaded
www.securityfocus.com/archive/1/424598/100/0/threaded
www.securityfocus.com/bid/16483
exchange.xforce.ibmcloud.com/vulnerabilities/24658
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
83.0%