Trend Micro ServerProtect已提取文件数超出扫描绕过漏洞

漏洞信息详情

Trend Micro ServerProtect已提取文件数超出扫描绕过漏洞

• CNNVD编号：CNNVD-200602-126
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2006-0642
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2006-02-10
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-02-14
  
• 厂        商：
  
  trend_micro
• 漏洞来源：
  Discovered by Mert…

Trend Micro ServerProtect 5.58，并且还可能包括InterScan Messaging Security Suite和InterScan Web Security Suite，具有一项默认设置，即\”当已提取的文件数超过500时不扫描压缩文件\”，这个限值在某些情况下可能会太小，从而使得远程攻击者可以借助发送包含众多小文件的压缩包来绕过反病毒检测。

目前厂商还没有提供补丁或者升级程序，建议使用此软件的用户随时关注厂商的主页以获取最新版本。

来源: BUGTRAQ

名称: 20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.

链接:http://www.securityfocus.com/archive/1/archive/1/424172/100/0/threaded

来源: BUGTRAQ

名称: 20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.

链接:http://www.securityfocus.com/archive/1/archive/1/423914/100/0/threaded

来源: BUGTRAQ

名称: 20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.

链接:http://www.securityfocus.com/archive/1/archive/1/423913/100/0/threaded

来源: BUGTRAQ

名称: 20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.

链接:http://www.securityfocus.com/archive/1/archive/1/423896/100/0/threaded

来源: MISC

链接:http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html

来源: MISC

链接:http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf

来源: XF

名称: serverprotect-file-scanning-bypass(24658)

链接:http://xforce.iss.net/xforce/xfdb/24658

来源: BID

名称: 16483

链接:http://www.securityfocus.com/bid/16483

来源: BUGTRAQ

名称: 20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.

链接:http://www.securityfocus.com/archive/1/archive/1/424598/100/0/threaded