mailing list archives
PC-Cillin 6.x DoS Attack
From: dannys () KAREMOR COM (Daniel P. Stasinski)
Date: Thu, 30 Dec 1999 11:37:09 -0700
Version 6.x of Trend Micro's PC-Cillin Anti-Virus software can be
subjected to a remote DoS attack and possibly authorized relays.
As part of it's Java/ActiveX protection, it routes all http
requests through its own internal proxy on port 8431.
Unfortunately, it allows anyone anywhere to connect to that port
and dump enough data through it to saturate an unexpected victims
connection. Their tech's could not confirm or deny if remote
users are able to get an outbound connection from the victims
I have contacted Trend Micro, and they are aware of the problem
but have no plans for a hot patch. They did say it would be
fixed in the next major release (v7.0 ?)
| Daniel P. Stasinski | KareMor International, Inc.
| Software Engineer | 2401 South 24th Street
| Internet Services Dept. | Phoenix, AZ 85034
| daniels () karemor com | http://www.karemor.com