Trend Micro Interscan VirusWall FtpSaveCVP.dll Overflow

2001-05-31T00:00:00
ID OSVDB:6171
Type osvdb
Reporter Nobuo Miwa(n-miwa@lac.co.jp)
Modified 2001-05-31T00:00:00

Description

Vulnerability Description

A remote overflow exists in Trend Micro InterScan VirusWall. The FtpSaveCVP.dll file fails to validate bounds checking resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Trend Micro has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Trend Micro InterScan VirusWall. The FtpSaveCVP.dll file fails to validate bounds checking resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Manual Testing Notes

http://[victim]/interscan/cgi-bin/FtpSaveCVP.dll

References:

Vendor URL: http://www.trendmicro.com/en/products/gateway/isvw/evaluate/overview.htm Security Tracker: 1001741 Related OSVDB ID: 6170 Other Advisory URL: http://www.lac.co.jp/security/english/snsadv_e/31_e.html ISS X-Force ID: 6698 Bugtraq ID: 2870