Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow

Added: 09/23/2008
CVE: CVE-2008-2437
BID: 31139
OSVDB: 48024

Background

Trend Micro OfficeScan is a centralized virus and security scan management system.

Problem

A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request containing a specially crafted ComputerName parameter.

Resolution

Apply the appropriate patch.

References

http://secunia.com/secunia_research/2008-35/

Limitations

Exploit works on Trend Micro OfficeScan 7.3 Patch4.

Due to the nature of the vulnerability, the exploit is not 100% reliable on Windows Server 2003 targets with DEP enabled.

Platforms

Windows
Windows Server 2003 SP2 with DEP

Back to exploit index