Details of VAR-200904-0687

ID

VAR-200904-0687

TITLE

Multiple Trend Micro Products RAR/ZIP/CAB Files Scan Evasion Vulnerability

Trust: 0.3

sources: BID: 34763

DESCRIPTION

Multiple Trend Micro products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine. Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect. ServerProtect for Microsoft Windows/Novell NetWare ServerProtect for EMC Celerra ServerProtect for NetApp ServerProtect for Linux ServerProtect for Network Appliance Filers Internet Security Pro Internet Security OfficeScan Component Worry Free Business Security - Standard Worry Free Business Security - Advanced Worry Free Business Security Hosted Housecall InterScan Web Security Suite InterScan Web Protect for ISA InterScan Messaging Security Appliance Neatsuite Advanced ScanMail for Exchange ScanMail for Domino Suites

Trust: 0.3

sources: BID: 34763

AFFECTED PRODUCTS

vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.6	Trust: 1.2
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.0.1	Trust: 0.6
vendor:	trend micro	model:	interscan webprotect for isa	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.3	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt	scope:	eq	version:	3.51	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall build	scope:	eq	version:	3.61182	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for smb windows nt	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	serverprotect for windows	scope:	eq	version:	5.58	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	7.0	Trust: 0.3
vendor:	trend micro	model:	scanmail for microsoft exchange	scope:	eq	version:	3.8	Trust: 0.3
vendor:	trend micro	model:	worry-free business security	scope:	eq	version:	5.0	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt	scope:	eq	version:	3.6	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition for windows nt server	scope:	eq	version:	3.13	Trust: 0.3
vendor:	trend micro	model:	serverprotect	scope:	eq	version:	5.5.8	Trust: 0.3
vendor:	trend micro	model:	serverprotect (security patch	scope:	eq	version:	5.58	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	8.0	Trust: 0.3
vendor:	trend micro	model:	scanmail for domino	scope:	eq	version:	2.51	Trust: 0.3
vendor:	trend micro	model:	internet security pro	scope:	eq	version:	2009	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for unix	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	trend micro	model:	housecall	scope:	eq	version:	5.5	Trust: 0.3
vendor:	trend micro	model:	server protect	scope:	eq	version:	5.58	Trust: 0.3
vendor:	trend micro	model:	serverprotect for windows	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition 8.0.patch build	scope:	eq	version:	1042	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall build	scope:	eq	version:	3.71190	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for smb	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	6.5	Trust: 0.3
vendor:	trend micro	model:	serverprotect	scope:	eq	version:	5.3.1	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite for linux	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.1	Trust: 0.3
vendor:	trend micro	model:	interscan webmanager	scope:	eq	version:	1.2	Trust: 0.3
vendor:	trend micro	model:	serverprotect for linux	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition sp1 patch	scope:	eq	version:	8.01	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	3.13	Trust: 0.3
vendor:	trend micro	model:	housecall	scope:	eq	version:	6.61285	Trust: 0.3
vendor:	trend micro	model:	housecall	scope:	eq	version:	6.51.0.1028	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition for windows nt server	scope:	eq	version:	3.0	Trust: 0.3
vendor:	trend micro	model:	interscan web security suite for windows	scope:	eq	version:	3.1	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt build	scope:	eq	version:	3.521466	Trust: 0.3
vendor:	trend micro	model:	interscan websecuritysuite for linux	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	5.58	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite	scope:	eq	version:	5.5.1183	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition for windows nt server	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	trend micro	model:	internet security pro	scope:	eq	version:	2008	Trust: 0.3
vendor:	trend micro	model:	serverprotect for network appliance filer	scope:	eq	version:	5.62	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.81	Trust: 0.3
vendor:	trend micro	model:	internet security	scope:	eq	version:	2009	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition patch build	scope:	eq	version:	8.0211	Trust: 0.3
vendor:	trend micro	model:	interscan emanager for windows	scope:	eq	version:	3.5.2	Trust: 0.3
vendor:	trend micro	model:	officescan	scope:	eq	version:	7.3	Trust: 0.3
vendor:	trend micro	model:	interscan web security suite for solaris	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for smb linux	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan emanager j	scope:	eq	version:	3.51	Trust: 0.3
vendor:	trend micro	model:	serverprotect for linux	scope:	eq	version:	1.2	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	3.0	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	3.54	Trust: 0.3
vendor:	trend micro	model:	office scan	scope:	eq	version:	7.3	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.32	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for aix	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan websecuritysuite for linux ja	scope:	eq	version:	1.0	Trust: 0.3
vendor:	trend micro	model:	interscan webmanager	scope:	eq	version:	2.1	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition build	scope:	eq	version:	7.31314	Trust: 0.3
vendor:	trend micro	model:	officescan	scope:	eq	version:	7.0	Trust: 0.3
vendor:	trend micro	model:	scanmail for domino	scope:	eq	version:	2.6	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall scan engine	scope:	eq	version:	7.510-1002	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite for linux	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	trend micro	model:	interscan emanager	scope:	eq	version:	3.51	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite	scope:	eq	version:	5.5	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite	scope:	eq	version:	3.81	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt	scope:	eq	version:	3.4	Trust: 0.3
vendor:	trend micro	model:	internet security	scope:	eq	version:	2008	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite for windows	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	5.02	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	6.0	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt	scope:	eq	version:	5.1	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall build	scope:	eq	version:	3.61166	Trust: 0.3
vendor:	trend micro	model:	officescan for microsoft sbs	scope:	eq	version:	4.5	Trust: 0.3
vendor:	trend micro	model:	scanmail for microsoft exchange	scope:	eq	version:	6.2	Trust: 0.3
vendor:	trend micro	model:	interscan web security suite for linux	scope:	eq	version:	3.1	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	5.5	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.52	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	7.3	Trust: 0.3
vendor:	trend micro	model:	interscan web security suite for windows	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	scanmail for microsoft exchange	scope:	eq	version:	3.81	Trust: 0.3
vendor:	trend micro	model:	officescan sp patch	scope:	eq	version:	8.011	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition for windows nt server	scope:	eq	version:	3.5	Trust: 0.3
vendor:	trend micro	model:	interscan webmanager	scope:	eq	version:	2.0	Trust: 0.3
vendor:	trend micro	model:	internet security suite	scope:	eq	version:	20070	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt	scope:	eq	version:	3.5	Trust: 0.3
vendor:	trend micro	model:	serverprotect	scope:	eq	version:	5.58	Trust: 0.3
vendor:	trend micro	model:	officescan service pack	scope:	eq	version:	8.01	Trust: 0.3
vendor:	trend micro	model:	scanmail for microsoft exchange	scope:	eq	version:	6.1	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall build	scope:	eq	version:	3.81130	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition for windows nt server	scope:	eq	version:	3.11	Trust: 0.3
vendor:	trend micro	model:	interscan web security suite for linux	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	officescan	scope:	eq	version:	8.0	Trust: 0.3
vendor:	trend micro	model:	interscan emanager for hp	scope:	eq	version:	3.5	Trust: 0.3
vendor:	trend micro	model:	interscan emanager for linux	scope:	eq	version:	3.6	Trust: 0.3
vendor:	trend micro	model:	housecall	scope:	eq	version:	6.6.0.1278	Trust: 0.3
vendor:	trend micro	model:	serverprotect for novell netware	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.7	Trust: 0.3
vendor:	trend micro	model:	interscan emanager for sun	scope:	eq	version:	3.6	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	3.5	Trust: 0.3
vendor:	trend micro	model:	serverprotect for emc	scope:	eq	version:	5.58	Trust: 0.3
vendor:	trend micro	model:	serverprotect	scope:	eq	version:	5.7	Trust: 0.3
vendor:	trend micro	model:	serverprotect for network appliance filer	scope:	eq	version:	5.61	Trust: 0.3
vendor:	trend micro	model:	housecall	scope:	eq	version:	5.7	Trust: 0.3
vendor:	trend micro	model:	interscan web security virtual appliance	scope:	eq	version:	3.1	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition	scope:	eq	version:	3.11	Trust: 0.3
vendor:	trend micro	model:	officescan corporate edition for smb2.0	scope:	eq	version:	6.0	Trust: 0.3
vendor:	trend micro	model:	interscan web security suite	scope:	eq	version:	2.5	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall	scope:	eq	version:	3.2.3	Trust: 0.3
vendor:	trend micro	model:	interscan messaging security suite for solaris	scope:	-	version:	-	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for windows nt	scope:	eq	version:	3.52	Trust: 0.3
vendor:	trend micro	model:	interscan viruswall for unix	scope:	eq	version:	3.6x	Trust: 0.3

sources: BID: 34763

THREAT TYPE

network

Trust: 0.3

sources: BID: 34763

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 34763

EXTERNAL IDS

db:

BID

id:

34763

Trust: 0.3

sources: BID: 34763

REFERENCES

url:	http://www.trend.com	Trust: 0.3
url:	http://blog.zoller.lu/2009/04/trendmicro-multiple-evasion-and-bypass.html	Trust: 0.3
url:	/archive/1/503076	Trust: 0.3
url:	/archive/1/503078	Trust: 0.3
url:	/archive/1/503391	Trust: 0.3

sources: BID: 34763

CREDITS

Thierry Zoller

Trust: 0.3

sources: BID: 34763

SOURCES

db:

BID

id:

34763

LAST UPDATE DATE

2022-05-17T01:58:09.755000+00:00

SOURCES UPDATE DATE

db:

BID

id:

34763

date:

2009-05-11T17:46:00

SOURCES RELEASE DATE

db:

BID

id:

34763

date:

2009-04-29T00:00:00