This Remote host is installed with Trend Micro OfficeScan, which is prone to Buffer Overflow Vulnerability.

Remote exploitation could allow execution of arbitrary code to cause complete compromise of system and failed attempt leads to denial of service condition. Impact Level : Application/System.

Partially Fixed. Fix is available for Trend Micro OfficeScan 8.0, 7.3 and Client Server Messaging Security (CSM) 3.6. Apply patch Trend Micro OfficeScan Corporate Edition 8.0 from http://www.trendmicro.com/ftp/products/patches/OSCE_8.0_Win_EN_CriticalPatch_B1361.exe http://www.trendmicro.com/ftp/products/patches/OSCE_8.0_SP1_Win_EN_CriticalPatch_B2424.exe http://www.trendmicro.com/ftp/products/patches/OSCE_8.0_SP1_Patch1_Win_EN_CriticalPatch_B3060.exe Apply patch Trend Micro OfficeScan Corporate Edition 7.3 from http://www.trendmicro.com/ftp/products/patches/OSCE_7.3_Win_EN_CriticalPatch_B1367.exe Apply patch Trend Micro Client Server Messaging Security (CSM) 3.6 from http://www.trendmicro.com/ftp/products/patches/CSM_3.6_OSCE_7.6_Win_EN_CriticalPatch_B1195.exe

The flaw is due to error in cgiRecvFile.exe can be exploited to cause a stack based buffer overflow by sending a specially crated HTTP request with a long ComputerName parameter.

Trend Micro OfficeScan Corporate Edition version 8.0 Trend Micro OfficeScan Corporate Edition versions 7.0 and 7.3 Trend Micro Client Server Messaging Security (CSM) for SMB versions 2.x and 3.x

• http://secunia.com/advisories/31342/
• http://securitytracker.com/alerts/2008/Sep/1020860.html
• http://www.juniper.net/security/auto/vulnerabilities/vuln31139.html

---

Updated on 2015-03-25