SNS Advisory No.38

Trend Micro Virus Buster (Ver.3.5x) Remote File Disclosure With IUSER Privilege Vulnerability

Problem first discovered: Wed, 18 Jul 2001
Published: Mon, 20 Aug 2001
_________________________________________________________________

Overview:

Trend Micro Virus Buster (a.k.a. Officescan Corporate Edition) contains a vulnerability that allows attackers to read arbitrary files with IUSER privilege.

Problem Description:

Trend Micro Virus Buster is antivirus software for enterprise use. It provides central virus reporting, automatic virus pattern updates, and a Web-based remote management console.

The vulnerability lies in cgiWebupdate.exe, one of the CGI programs used for remote management. It allows remote users to read arbitrary files with IUSER privilege.

"Virus Buster Corporate Edition" is provided only in Japanese; the English version is known as "Officescan Corporate Edition". SNS Team is still working with Trend Micro on this problem in "Officescan Corporate Edition", and that issue will be published as soon as more information becomes available.

Tested Version:

Trend Micro Virus Buster Corporate Edition Version 3.52
Trend Micro Virus Buster Corporate Edition Version 3.53
Trend Micro Virus Buster Corporate Edition Version 3.54

Tested OS:

Windows 2000 Server [Japanese]

Patch Information:

The patch is available at the following site:
http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionId=3086

Discovered by:

Nobuo Miwa (LAC) n-miwa@lac.co.jp

Disclaimer:

All information in these advisories is subject to change without advance notice or mutual consensus, and each advisory is released as is. LAC Co., Ltd. is not responsible for any risks arising from applying this information.
_________________________________________________________________

Copyright(c) 1995-2002 Little eArth Corporation