[SNS Advisory No.30] Trend Micro InterScan VirusWall for Windows NT 3.51 reconfiguration without authentication

2001-06-13T00:00:00
ID SECURITYVULNS:DOC:1713
Type securityvulns
Reporter Securityvulns
Modified 2001-06-13T00:00:00

Description

SNS Advisory No.30 Trend Micro InterScan VirusWall for Windows NT 3.51 reconfiguration without authentication

Problem first discovered: 24 May 2001 Published: 12 Jun 2001 Last Updated:12 Jun 2001


Overview

It is possible for a remote user to improperly gain access to admin functions of InterScan VirusWall for Windows NT.

Problem Description

To change configurations via web browser, access to following URL:

http://VirusWall/interscan/cgi-bin/interscan.dll

Then, no authentication is required and any remote user can change configuration setting.

Tested Version

InterScan VirusWall for Windows NT 3.51J Japanese InterScan VirusWall for Windows NT 3.51 English

Tested OS

Windows NT 4.0 Server SP6a [English Version] Windows NT 4.0 Server SP6a [Japanese Version]

Patch Information

Trend Micro support team responded nothing.

Until the patch will be released, set up access control to refuse access to servers in which InterScan VirusWall is installed by non-administrative user.

Discovered by

Nobuo Miwa (LAC / n-miwa@lac.co.jp)

Disclaimer

All information in this advisories are subject to change without any advanced notices neither mutual consensus, and each of them is released as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences caused by applying those information.

References

Archive of this advisory: http://www.lac.co.jp/security/english/snsadv_e/30_e.html

SNS Advisory: http://www.lac.co.jp/security/english/snsadv_e/

LAC: http://www.lac.co.jp/security/english/


Secure Net Service(SNS) Security Advisory <snsadv@lac.co.jp> Computer Security Laboratory, LAC http://www.lac.co.jp/security/