Search Related Articles All Products Worry-Free Business Security Standard/AdvancedOfficeScanHosted Email SecurityControl ManagerInterScan Messaging Security SuiteDeep Security Advanced Reporting and Management for InterScan Web SecurityClient / Server Suite for SMBClient Server Messaging Security for SMBControl ManagerCore Protection for Virtual MachinesCore Protection ModuleData Loss PreventionData Loss Prevention EndpointDeep SecurityEmail Reputation ServicesEmail Security Platform for Service Providers - White LabelEndpoint Security PlatformHosted Email SecurityHosted Email Security - Inbound FilteringInstant Messaging SecurityInterScan eManagerInterScan Gateway Security ApplianceInterScan Messaging Security Appliance 5000InterScan Messaging Security SuiteInterScan Messaging Security Virtual ApplianceInterScan VirusWallInterScan VirusWall for NTInterScan VirusWall for SMBInterScan Web Security Appliance 2500InterScan Web Security SuiteInterScan Web Security Virtual ApplianceInterScan WebProtectIntrusion Defense FirewallLeakProofLicensing Management PlatformMobile Armor DataArmor Full Disk EncryptionMobile Armor PolicyServerNetwork VirusWallOfficeScanPortalProtectScanMail for ExchangeScanMail for Lotus DominoSecureCloudServerProtect for EMC CelerraServerProtect for LinuxServerProtect for Microsoft Windows/Novell NetwareServerProtect for Network Appliance FilerThreat Discovery ApplianceThreat Intelligence ManagerTrend Micro Email Encryption GatewayTrend Micro Email Encryption HostedTrend Micro Encryption for EmailTrend Micro Endpoint EncryptionTrend Micro Mobile SecurityTrend Micro SafeSync for BusinessTrend Micro Security for MacintoshTrend Micro Smart Protection ServerTrend Micro Vulnerability Management ServicesWorry-Free Business Security HostedWorry-Free Business Security ServicesWorry-Free Business Security Services for DellWorry-Free Business Security Standard/AdvancedWorry-Free Remote Manager Business Knowledge Base All Support Advanced Search | View Search Tips [Vulnerability Confirmation] CASProcessor.exe can be used to execute a code remotely in Trend Micro Control Manager (TMCM) using a malformed BLOB[Vulnerability Confirmation] CasLogDirectInsertHandler.cs can be used to execute a code remotely in Trend Micro Control Manager[Vulnerability Confirmation] Trend Micro Control Manager (TMCM) Server-Agent Communication Remote Code Execution VulnerabilityUnable to access the OfficeScan 7.0 configuration page in the Trend Micro Control Manager (TMCM) 3.0 Management ConsoleRegistering ServerProtect for Linux 3.0 (SPLX) to Trend Micro Control Manager (TMCM) server using command line More [Vulnerability Confirmation] CASProcessor.exe can be used to execute a code remotely in Trend Micro Control Manager (TMCM) using a malformed BLOBSolution IDLast Updated1058292Date : 2011/07/20 Time: 7:38 PM (PST)Product/VersionPlatformControl Manager - 3.5, 5.0, 5.5Windows - 2003 Enterprise Server, 2003 Standard Server Edition, 2003 Standard Server Edition 64-bit, 2008 Enterprise Server, 2008 Enterprise Server Edition 64-bit, 2008 Standard Server Edition, 2008 Standard Server Edition 64-bit
Search Related Articles All Products Worry-Free Business Security Standard/AdvancedOfficeScanHosted Email SecurityControl ManagerInterScan Messaging Security SuiteDeep Security Advanced Reporting and Management for InterScan Web SecurityClient / Server Suite for SMBClient Server Messaging Security for SMBControl ManagerCore Protection for Virtual MachinesCore Protection ModuleData Loss PreventionData Loss Prevention EndpointDeep SecurityEmail Reputation ServicesEmail Security Platform for Service Providers - White LabelEndpoint Security PlatformHosted Email SecurityHosted Email Security - Inbound FilteringInstant Messaging SecurityInterScan eManagerInterScan Gateway Security ApplianceInterScan Messaging Security Appliance 5000InterScan Messaging Security SuiteInterScan Messaging Security Virtual ApplianceInterScan VirusWallInterScan VirusWall for NTInterScan VirusWall for SMBInterScan Web Security Appliance 2500InterScan Web Security SuiteInterScan Web Security Virtual ApplianceInterScan WebProtectIntrusion Defense FirewallLeakProofLicensing Management PlatformMobile Armor DataArmor Full Disk EncryptionMobile Armor PolicyServerNetwork VirusWallOfficeScanPortalProtectScanMail for ExchangeScanMail for Lotus DominoSecureCloudServerProtect for EMC CelerraServerProtect for LinuxServerProtect for Microsoft Windows/Novell NetwareServerProtect for Network Appliance FilerThreat Discovery ApplianceThreat Intelligence ManagerTrend Micro Email Encryption GatewayTrend Micro Email Encryption HostedTrend Micro Encryption for EmailTrend Micro Endpoint EncryptionTrend Micro Mobile SecurityTrend Micro SafeSync for BusinessTrend Micro Security for MacintoshTrend Micro Smart Protection ServerTrend Micro Vulnerability Management ServicesWorry-Free Business Security HostedWorry-Free Business Security ServicesWorry-Free Business Security Services for DellWorry-Free Business Security Standard/AdvancedWorry-Free Remote Manager Business Knowledge Base All Support Advanced Search | View Search Tips [Vulnerability Confirmation] CASProcessor.exe can be used to execute a code remotely in Trend Micro Control Manager (TMCM) using a malformed BLOB[Vulnerability Confirmation] CasLogDirectInsertHandler.cs can be used to execute a code remotely in Trend Micro Control Manager[Vulnerability Confirmation] Trend Micro Control Manager (TMCM) Server-Agent Communication Remote Code Execution VulnerabilityUnable to access the OfficeScan 7.0 configuration page in the Trend Micro Control Manager (TMCM) 3.0 Management ConsoleRegistering ServerProtect for Linux 3.0 (SPLX) to Trend Micro Control Manager (TMCM) server using command line More [Vulnerability Confirmation] CASProcessor.exe can be used to execute a code remotely in Trend Micro Control Manager (TMCM) using a malformed BLOBSolution IDLast Updated1058292Date : 2011/07/20 Time: 7:38 PM (PST)Product/VersionPlatformControl Manager - 3.5, 5.0, 5.5Windows - 2003 Enterprise Server, 2003 Standard Server Edition, 2003 Standard Server Edition 64-bit, 2008 Enterprise Server, 2008 Enterprise Server Edition 64-bit, 2008 Standard Server Edition, 2008 Standard Server Edition 64-bit
Problem Description SEG has been notified of a product vulnerability in TMCM. Remote attackers are able to execute an arbitrary code on vulnerable installations of TMCM. Authentication is not required to exploit this vulnerability. The specific flaw can be found in the En_Utility.dll file and on a module called CASProcessor.exe that is running on the TCP port 20801. A specially crafted packet with malformed BLOB encrypted data is handled by the HandleMcpRequest(). It contains instructions that will allow for an integer wrap that leads to a heap overflow. An attacker can leverage on this vulnerability to execute the code under the context of the SYSTEM. The following are affected by this vulnerability: · TMCM 5.5 · TMCM 5.0 This was first reported from TippingPoint Zero Day Initiative (ZDI-CAN-1139). Solution To resolve this, please contact Trend Micro Technical Support for the associated Critical Patch or hot fix.
Problem Description SEG has been notified of a product vulnerability in TMCM. Remote attackers are able to execute an arbitrary code on vulnerable installations of TMCM. Authentication is not required to exploit this vulnerability. The specific flaw can be found in the En_Utility.dll file and on a module called CASProcessor.exe that is running on the TCP port 20801. A specially crafted packet with malformed BLOB encrypted data is handled by the HandleMcpRequest(). It contains instructions that will allow for an integer wrap that leads to a heap overflow. An attacker can leverage on this vulnerability to execute the code under the context of the SYSTEM. The following are affected by this vulnerability: · TMCM 5.5 · TMCM 5.0 This was first reported from TippingPoint Zero Day Initiative (ZDI-CAN-1139). Solution To resolve this, please contact Trend Micro Technical Support for the associated Critical Patch or hot fix.
Connect with us on
| | | |