Trend Micro InterScan VirusWall HttpSaveCSP.dll Overflow

2001-06-28T00:00:00
ID OSVDB:6173
Type osvdb
Reporter Nobuo Miwa (n-miwa@lac.co.jp)
Modified 2001-06-28T00:00:00

Description

Vulnerability Description

A remote overflow exists in Trend Micro InterScan VirusWall. The HttpSaveCSP.dll file fails to perform bounds checking, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Trend Micro has released a patch to address this vulnerability.

Short Description

A remote overflow exists in Trend Micro InterScan VirusWall. The HttpSaveCSP.dll file fails to perform bounds checking, resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Manual Testing Notes

http://[victim]/interscan/cgi-bin/HttpSaveCSP.dll

References:

Vendor URL: http://www.trendmicro.com/en/products/gateway/isvw/evaluate/overview.htm
Security Tracker: 1001871
Related OSVDB ID: 6172
Other Advisory URL: http://www.lac.co.jp/security/english/snsadv_e/35_e.html
ISS X-Force ID: 6756
CVE-2001-1574