Home page logo

bugtraq logo Bugtraq mailing list archives

Trend Micro release patch for "OfficeScan DoS & Message Replay" V ulnerabilies
From: Richard_Sheng () TRENDMICRO COM (Richard Sheng)
Date: Thu, 16 Mar 2000 14:46:55 -0800

Patch Available for "OfficeScan DoS & Message Replay" Vulnerability

Posted: March 16, 2000

Trend Micro has released a new version of OfficeScan Corporate Edition -
version 3.51 - that eliminates two security vulnerabilities found on
previous versions. Previous versions of OfficeScan allow intruders within a
firewall to initiate a DoS attack on the OfficeScan client (tmlisten.exe) as
well as to capture OfficeScan commands.  These commands can be replayed and
used to change other OfficeScan client configurations.

Trend OfficeScan version 3.5 or earlier versions perform incomplete parsing
and buffer overflow checking in its Windows NT client. If a malicious user,
has the ability to telnet and submit some form of message to the OfficeScan
NT client, OfficeScan service consumes 100% CPU processing power. In
addition, communication between the OfficeScan server and client was
established with insufficient encryption and authentication, which allows a
malicious user to sniff and replay OfficeScan commands.

Trend Micro has corrected the DoS attack issue by correctly parsing and
handling commands or arbitrary messages sent to the OfficeScan client.

Trend Micro has implemented MD5 Message-Digest Algorithm to ensure that the
commands between the server and the clients can not be decrypted or captured
to be replayed to other clients. For details about the MD5 encryption
algorithm see: http://theory.lcs.mit.edu/~rivest/rfc1321.txt

Affected Software Versions
Trend OfficeScan Corporate Edition 3.0
Trend OfficeScan Corporate Edition 3.11
Trend OfficeScan Corporate Edition 3.13
Trend OfficeScan Corporate Edition 3.5
Trend OfficeScan for Microsoft SBS 4.5

Patch Availability
 - http://www.antivirus.com/download/ofce_patch.htm

More Information
Please see the following references for more information related to this
 - Trend Micro Security Bulletin:

 - Frequently Asked Questions: Trend Micro Knowledge Base

Obtaining Support on this Issue
This is a fully supported release. Information on contacting Trend Micro
Technical Support is available at

Trend Micro thanks Gregory Duchemin http://www.securite-internet.com and
Jeff Stevens http://www.umeme.maine.edu for reporting the DoS and Message
Replay vulnerability to us, and working with us to protect our customers.

Richard Sheng
Product Manager
Trend Micro, Inc.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]