Trend Micro OfficeScan Client Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with Trend Micro OfficeScan Client and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation will let the attacker terminate 'NTRtScan.exe' process and temporarily disable the real time scanning protection for the system by crafting a directory. Impact Level: System/Application

Solution

Upgrade to Trend Micro OfficeScan 10 or later, For updates refer to http://www.trendmicro.com/download/engine.asp

Insight

This flaw is due to an error while scanning directories as it fails to handle nested directories with excessively long names.

Affected

Trend Micro OfficeScan 8.0 Service Pack 1

References

http://osvdb.org/53890
http://secunia.com/advisories/34737
http://www.securityfocus.com/archive/1/archive/1/502847/100/0/threaded
http://www.vupen.com/english/advisories/2009/1146

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1435
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Mac OS X)
Squid Proxy Cache ICAP Adaptation Denial of Service Vulnerability
Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
TYPSoft FTP Server 'APPE' and 'DELE' Commands DOS Vulnerability
Oracle VM VirtualBox Unspecified Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities