Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2234 |
Message | WEB-MISC TOP10.dll access |
Summary | This event is generated when an attempt is made to exploit a buffer overflow in Trend Micro InterScan eManager. |
Impact | Serious. Remote administrative access is possible. |
Detailed Information | Versions of Trend Micro InterScan eManager suffer from a buffer overflow condition that can present an attacker with the opportunity to execute arbitrary code of their choosing which could lead to remote access to the server. |
Affected Systems | Trend Micro InterScan eManager 3.51 |
Attack Scenarios | If the buffer overflow condition is met, the attacker can run code of their choosing on the affected host. |
Ease of Attack | Moderate. |
Corrective Action | Upgrade to the latest non-affected version of the software. Disable the web interface Enable NTLM authentication for the administrative interface |
Additional References | Bugtraq: http://www.securityfocus.com/bid/3327 |
Rule References | bugtraq: 3327 cve: 2001-0958 nessus: 11747 |
--
DID:772613
--
http://www.aanval.com/