CERTVU:888283TrendMicro InterScan WebManager contains buffer overflow in RegGo.dll
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
86.9%
Overview
A remotely exploitable buffer overflow exists in Trend Micro InterScan WebManager.
Description
InterScan WebManager is an application that inspects http traffic flowing into a network for known malicious code. This application also has the capability to restrict access to adult/unproductive web sites, manage and monitor web usage, monitor and control http traffic, and provide digital certificate revocation checking in SSL connections. If a secure Web siteβs digital certificate has been revoked, InterScan WebManager has the capability to terminate the transaction.
A remotely exploitable buffer overflow exists in the RegGo dynamic link library module included in Trend Micro InterScan WebManager. This module provides management features for the system administrator over an http interface.
Impact
Attackers can execute arbitrary code with privileges equivalent to the web server process, typically SYSTEM. Attackers may also be able to inspect and modify all http traffic flowing through the device. Additionally, attackers may be able to disable digital certificate revocation checking in SSL connections thereby allowing access to intentionally malicious websites.
Solution
Trend Micro has indicated that this vulnerability has been eliminated in TrendMicro InterScan WebManager version 2.1. Contact Trend Micro for the upgrade.
Vendor Information
888283
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Trend Micro __ Affected
Notified: July 12, 2001 Updated: August 15, 2001
Status
Affected
Vendor Statement
βWe are sorry to inform you that there is a minor bug in Trend Micro InterScan WebManager. We have fixed the bug in the next version of this product, Trend Micro InterScan WebManager version 2.1. The upgrade is now available for testing for customers using the product on English language operating systems. Please contact Trend Micro for download information.β
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23888283 Feedback>).
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- <http://www.securityfocus.com/bid/2959>
- <http://www.lac.co.jp/security/english/snsadv_e/36_e.html>
Acknowledgements
This vulnerability was discovered by Little eArth Corporation Co., Ltd and was made public on July 2, 2001.
This document was written by Ian A. Finlay.
Other Information
| CVE IDs: | CVE-2001-0761 |
|---|---|
| Severity Metric: | 40.50 Date Public: |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
86.9%