CVE-2008-1365 – Trend Micro OfficeScan - Buffer Overflow (Denial of Service) (PoC)
https://notcve.org/view.php?id=CVE-2008-1365
Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors. Desbordamiento de búfer basado en pila en Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 y anteriores y 7.3 Patch 3 build 1314 y anteriores, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída) a través de una contraseña larga cifrada, la cual dispara el desbordamiento en (1) cgiChkMasterPwd.exe, (2) policyserver.exe alcanzable mediante cgiABLogon.exe y otros vectores. • https://www.exploit-db.com/exploits/31310 https://www.exploit-db.com/exploits/16768 http://aluigi.altervista.org/adv/officescaz-adv.txt http://secunia.com/advisories/29124 http://www.securityfocus.com/bid/28020 http://www.securitytracker.com/id?1019523 http://www.vupen.com/english/advisories/2008/0702 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1366
https://notcve.org/view.php?id=CVE-2008-1366
Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to cause a denial of service (process consumption) via (1) an HTTP request without a Content-Length header or (2) invalid characters in unspecified CGI arguments, which triggers a NULL pointer dereference. Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 y anteriores y 7.3 Patch 3 build 1314 y anteriores, permiten a atacantes remotos provocar una denegación de servicio (consumo de procesos) mediante (1) una petición HTTP sin una cabecera Content-Length o (2) caracteres inválidos en argumentos CGI no especificados, que disparan una referencia a un puntero nulo. • http://aluigi.altervista.org/adv/officescaz-adv.txt http://secunia.com/advisories/29124 http://www.securityfocus.com/bid/28020 http://www.securitytracker.com/id?1019522 http://www.vupen.com/english/advisories/2008/0702 • CWE-20: Improper Input Validation •
CVE-2007-0325 – Trend Micro OfficeScan - Client ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-0325
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. Múltiples desbordamientos de búfer en el control ActiveX Trend Micro OfficeScan Web-Deployment SetupINICtrl en OfficeScanSetupINI.dll, como ha sido usado en OfficeScan 7.0 anterior a Build 1344, OfficeScan 7.3 anetrior a Build 1241, y Client / Server / Messaging Security 3.0 anterior a Build 1197, permite a atacantes remotos ejecutar código de su elección mediante un documento HTML artesanal. • https://www.exploit-db.com/exploits/16535 http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034288 http://osvdb.org/33040 http://secunia.com/advisories/24193 http://www.kb.cert.org/vuls/id/784369 http://www.securityfocus.com/bid/22585 http://www.securitytracker.com/id?1017664 http://www.trendmicro.com/ftp/documentation/readme/osce_70_win_en_securitypatch_1344_readme.txt http://www.vupen.com/english/advisories/2007/0638 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-5211
https://notcve.org/view.php?id=CVE-2006-5211
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program. Trend Micro OfficeScan 6.0 en Client/Server/Messaging (CSM) Suite para SMB 2.0 anetrior a 6.0.0.1385, y OfficeScan Corporate Edition (OSCE) 6.5 anterior a 6.5.0.1418, 7.0 anterior a 7.0.0.1257, y 7.3 anterior a 7.3.0.1053 permite a atacantes remotos eliminar clientes OfficeScan mediante una petición HTTP determinada que invoca al programa CGI de OfficeScan. • http://secunia.com/advisories/22156 http://www.securityfocus.com/bid/20330 http://www.trendmicro.com/download/product.asp?productid=5 http://www.trendmicro.com/ftp/documentation/readme/csm_2.0_osce_6.0_win_en_securitypatch_1385_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_6.5_win_en_securitypatch_1418_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_7.3_win_en_securitypatch_1053_readme.txt http://www.trendmicro.com/ftp/documentation/readme/osce_70& •