13 matches found
Trend Micro IWSS 3.1 - Local Privilege Escalation
source: https://www.securityfocus.com/bid/50380/info Trendmicro IWSS is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affected computer. Trendmicro IWSS 3.1 is vulnerable;...
Trendmicro IWSS 3.1 Privilege Escalation
BUGUROO SECURITY ADVISORY ADVISORY Title: Trendmicro IWSS 3.1 privilege escalation Product: InterScan Web Security Suite IWSS Vendor: TrendMicro Advisory ID: BSA-2011-002 Advisory URL: http://buguroo.com/adv/BSA-2011-002.txt Date published: 25/10/2011 DISCLAIMER Buguroo Offensive Security, S.L...
Trend Micro IWSS 3.1 - Local Privilege Escalation
Trend Micro IWSS 3.1 - Local Privilege Escalation source: https://www.securityfocus.com/bid/50380/info Trendmicro IWSS is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affect...
CVE-2009-0613
Trend Micro InterScan Web Security Suite IWSS 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages...
Design/Logic Flaw
Trend Micro InterScan Web Security Suite IWSS 3.1 before build 1237 allows remote authenticated Auditor and Report Only users to bypass intended permission settings, and modify the system configuration, via requests to unspecified JSP pages...
CVE-2009-0612
Trend Micro InterScan Web Security Virtual Appliance IWSVA 3.x and InterScan Web Security Suite IWSS 3.x, when basic authorization is enabled on the standalone proxy, forwards the Proxy-Authorization header from Windows Media Player, which allows remote web servers to obtain credentials by offeri...
CVE-2009-0613
Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 is affected. Remote authenticated Auditor and Report Only users can bypass permission controls and modify system configuration via requests to unspecified JSP pages. CVSS v2 base score is 6.0 (Medium impact) with network attack...
CVE-2009-0612
CVE-2009-0612 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 3.x and InterScan Web Security Suite (IWSS) 3.x. When basic authorization is enabled on the standalone proxy, the product forwards the Proxy-Authorization header from Windows Media Player, enabling remote web serve...
TrendMicro Interscan Web Security Suite (IWSS) Default Password
Binary data 4928.prm...
趋势科技Interscan Web Security HTTP代理认证信息泄露漏洞
BUGTRAQ ID: 33687 趋势科技的InterScan Web Security Suite(IWSS)在网关处针对基于Web方式的攻击为企业网络提供动态的、集成式的安全保护。 在IWSS启用了基本授权且客户端使用Windows Media Player作为其视频播放器的情况下,WMP会发送以下格式的授权头: Proxy-Authorization: basic =xxxxxxxxxx...
Trend micro - IWSVA/IWSS - Authorization module password leak
There is possbile get username and password from "Proxy-Authorization" header, which is not correctly removed when authorization header sends WMP. Requirements: - IWSVA/IWSS basic authorization on - Client is using WMP 8-11 as video player - Standalone proxy if upstream proxy is used,...
Trend Micro IWSS Console Management Detection (HTTP)
The remote host appears to run the Trend Micro Interscan Web Security Suite. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Trend Micro IWSS Console Management Detection
The remote host appears to run the Trend Micro Interscan Web Security Suite. Make sure that only authorized hosts can connect to this service, as the information of its existence may help an attacker to make more sophisticated attacks against the remote network. C Tenable Network Security, Inc...