Trend Micro OfficeScan Policy Server CGI buffer overflow

Added: 03/03/2008
CVE: CVE-2008-1365
BID: 28020
OSVDB: 42500

Background

Trend Micro OfficeScan is a centralized virus and security scan management system.

Problem

A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by sending a long, specially crafted pwd parameter to the cgiABLogon.exe CGI program.

Resolution

Restrict access to the OfficeScan HTTP port.

References

http://secunia.com/advisories/29124/

Limitations

Exploit works on Trend Micro OfficeScan Corporate Edition 7.3.

Platforms

Windows

Back to exploit index