Trend Micro InterScan eManager Buffer Overflow Vulnerability

posted onSeptember 14, 2001

by hitbsecnews

Trend Micro InterScan eManager is a plug-in for InterScan which manages spam, message
content, and mail delivery. It can be managed through a web-based console interface.

Several CGI components of eManager contain a buffer overflow vulnerability which could
allow an attacker to execute arbitrary code within the Local System context.

It is important to note the web management console does not have an authentication
method.

Solution: As a workaround, users could disable the web management console, or enable NTLM
authentication through the Internet Service Manager for the console.

Trend Micro has released a patch to address this vulnerability for the Japanese version of
eManager:

Trend Micro InterScan eManager 3.51j:

Trend Micro patch solution3142.zip

http://www.trendmicro.co.jp/support/download/isem_nt/sol3142/solution3142.zip

bugtraq id
3327
class
Boundary Condition Error
cve
CVE-MAP-NOMATCH
remote
Yes
local
No
published
September 12, 2001
updated
September 12, 2001
vulnerable
Trend Micro InterScan eManager 3.51j
- Trend Micro InterScan VirusWall 3.32
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall 3.3
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall 3.2.3
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall 3.0.1
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall for Windows NT 3.51
- Microsoft Windows NT 4.0SP7
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP6a
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP6
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP5
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP4
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP3
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP2
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP1
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0
- Microsoft Windows NT 3.5.1SP5
- Microsoft Windows NT 3.5.1SP4
- Microsoft Windows NT 3.5.1SP3
- Microsoft Windows NT 3.5.1SP2
- Microsoft Windows NT 3.5.1SP1
- Microsoft Windows NT 3.5.1
- Microsoft Windows NT 3.5
- Trend Micro InterScan VirusWall for Windows NT 3.5
- Microsoft Windows NT 3.5.1SP5
- Microsoft Windows NT 3.5.1SP4
- Microsoft Windows NT 3.5.1SP3
- Microsoft Windows NT 3.5.1SP2
- Microsoft Windows NT 3.5.1SP1
- Microsoft Windows NT 3.5
- Trend Micro InterScan VirusWall for Windows NT 3.4 and previous
- Microsoft Windows NT 4.0
Trend Micro InterScan eManager 3.51
- Trend Micro InterScan VirusWall 3.32
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall 3.3
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall 3.2.3
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall 3.0.1
- Microsoft Windows NT 4.0
- Trend Micro InterScan VirusWall for Windows NT 3.51
- Microsoft Windows NT 4.0SP7
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP6a
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP6
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP5
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP4
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP3
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP2
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0SP1
+ Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0
- Microsoft Windows NT 3.5.1SP5
- Microsoft Windows NT 3.5.1SP4
- Microsoft Windows NT 3.5.1SP3
- Microsoft Windows NT 3.5.1SP2
- Microsoft Windows NT 3.5.1SP1
- Microsoft Windows NT 3.5.1
- Microsoft Windows NT 3.5
- Trend Micro InterScan VirusWall for Windows NT 3.5
- Microsoft Windows NT 3.5.1SP5
- Microsoft Windows NT 3.5.1SP4
- Microsoft Windows NT 3.5.1SP3
- Microsoft Windows NT 3.5.1SP2
- Microsoft Windows NT 3.5.1SP1
- Microsoft Windows NT 3.5
- Trend Micro InterScan VirusWall for Windows NT 3.4 and previous
- Microsoft Windows NT 4.0