Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Security App Flaws :: vwall9~1.htm

VirusWall for NT - remote user can gain admin functions access



    Trend Micro InterScan VirusWall for Windows NT 3.51


    Following is based on a SNS Advisory No.30.  It is possible for  a
    remote  user  to  improperly  gain  access  to  admin functions of
    InterScan VirusWall for Windows NT.  To change configurations  via
    web browser, access to following URL:


    Then, no authentication is required and any remote user can change
    configuration setting.  Discovered by Nobuo Miwa.


    Trend Micro  support team  responded nothing.    Until  the  patch
    will  be  released,  set  up  access  control  to refuse access to
    servers   in   which   InterScan   VirusWall   is   installed   by
    non-administrative user.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH