FYI...
Trend Micro OfficeScan vuln - updates available
- http://atlas.arbor.net/briefs/index#-1118575019
July 17, 2007 - "A malicious web request with an overly long session cookie can be sent to the Trend Micro OfficeScan web interface to trigger a buffer overflow in the component CGIOCommon.dll. Successful exploitation can allow the remote, anonymous attacker to execute code on the system with the permissions of the IIS web server. Trend Micro has released updated code to address this issue.
Analysis: This is a relatively trivial attack to launch for most attackers. We have not yet seen tools to exploit this, but we expect that some will be developed soon."
Source:
> http://labs.idefense.com/intelligenc...lay.php?id=559
7.16.07 - "...Trend Micro has addressed this vulnerability by releasing the following patches for affected products.
CSM3.6 security patch 1149
CSM3.5 security patch 1152
CSM3.0 security patch 1209
http://www.trendmicro.com/download/p...p?productid=39
OSCE 8.0 security patch 1042
OSCE 7.3 security patch 1293
OSCE 7.0 security patch 1364
OSCE 6.5 security patch 1364
OSCE 6.0 for SMB2.0 security patch 1398
http://www.trendmicro.com/download/p...sp?productid=5 ..."
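Added example, not part of the original post or of the advisories it quotes: a log check for the "overly long session cookie" condition described above, run over IIS W3C extended logs. It assumes the optional cs(Cookie) field is enabled in IIS logging; the 512-character threshold, the URI paths and the sample log lines are constructed for illustration and do not come from the advisory.

```python
# Added example: flag requests with unusually long cookie values in an
# IIS W3C extended log. Threshold, paths and sample lines are constructed.
MAX_COOKIE_VALUE_LEN = 512  # assumed tuning value, not from the advisory

SAMPLE_LOG = "\n".join([  # constructed sample, documentation IP range
    "#Software: Microsoft Internet Information Services 6.0",
    "#Fields: date time c-ip cs-method cs-uri-stem sc-status cs(Cookie)",
    "2007-07-17 10:00:01 192.0.2.10 GET /console/login.dll 200 session=abc123;+lang=en",
    "2007-07-17 10:00:05 192.0.2.66 GET /console/login.dll 500 session=" + "A" * 2000,
    "2007-07-17 10:00:09 192.0.2.11 GET /console/status.dll 200 -",
])

def parse_w3c(text):
    """Yield one dict per request, keyed by the names in the #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))

def longest_cookie_value(cookie_field):
    """Return (name, length) of the longest cookie value in a cs(Cookie) field."""
    best = ("", 0)
    if cookie_field in ("", "-"):  # "-" means no cookie was sent
        return best
    for pair in cookie_field.split(";"):
        # IIS writes spaces inside a field as "+", so pairs look like "+lang=en"
        name, _, value = pair.strip("+ ").partition("=")
        if len(value) > best[1]:
            best = (name, len(value))
    return best

def find_oversized_cookies(text, limit=MAX_COOKIE_VALUE_LEN):
    """Return the requests whose longest cookie value exceeds the limit."""
    hits = []
    for row in parse_w3c(text):
        name, length = longest_cookie_value(row.get("cs(Cookie)", "-"))
        if length > limit:
            hits.append({"client": row.get("c-ip", "?"), "cookie": name,
                         "uri": row.get("cs-uri-stem", "?"), "length": length})
    return hits

if __name__ == "__main__":
    for hit in find_oversized_cookies(SAMPLE_LOG):
        print(hit)
```

A hit is a lead for review, not proof of an attempt; tune the limit to the longest cookie your own console issues.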