Trend Micro OfficeScan session cookie buffer overflow

Added: 07/20/2007
CVE: CVE-2007-3454
BID: 24641
OSVDB: 36629

Background

Trend Micro OfficeScan is a centralized virus and security scan management system.

Problem

A buffer overflow vulnerability in the CGIOCommon.dll shared library allows remote attackers to execute arbitrary commands by sending a request containing a long, specially crafted session cookie.

Resolution

Install the appropriate patch for OfficeScan.

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=559

Limitations

Exploit works on Trend Micro OfficeScan Corporate Edition 7.3 on Windows 2000.

Exploit requires the IO-Socket-SSL PERL module to be installed on the scanning host. This module is available from http://www.cpan.org/modules/by-module/IO/.

Platforms

Windows

Back to exploit index