Trend Micro InterScan VirusWall Double GET Scan Bypass

1999-02-21T21:31:51
ID OSVDB:6167
Type osvdb
Reporter Unicorn(unicorn@blackhats.org)
Modified 1999-02-21T21:31:51

Description

Vulnerability Description

InterScan VirusWall for Solaris / HP-UX contains a flaw that may allow viruses to be downloaded via the Web without being scanned. This issue is triggered when the software is passed an HTTP request containing two GET statements.

Solution Description

A patch has been released to resolve this issue. A link is provided to the bugtraq posting where this patch was released.

Short Description

InterScan VirusWall for Solaris / HP-UX contains a flaw that may allow viruses to be downloaded via the Web without being scanned. This issue is triggered when the software is passed an HTTP request containing two GET statements.

References:

Vendor URL: http://www.antivirus.com Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_1/0859.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_1/0903.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1999_1/0915.html ISS X-Force ID: 3280 CVE-1999-0378