SecuriTeam"! - Trend Micro Products Web Management Authentication Bypass(情報元のブックマーク数)
ウイルスバスターCorp版のWeb管理画面の認証を回避できる脆弱性が存在するそうです。
ランダムセッショントークンで1秒ごとに作られる?ので、ブルートフォースで認証が解けるみたいです。
Vulnerable Systems:
- Trend Micro OfficeScan version 7.0
- Trend Micro OfficeScan version 7.3
- Trend Micro OfficeScan version 8.0
- Worry-Free Business Security version 5.0
- Trend Micro Client/Server/Messaging Suite version 3.5
- Trend Micro Client/Server/Messaging Suite version 3.6
Trend Micro Products Web Management Authentication Bypass
The vulnerability is caused by insufficient entropy being used to create a random session token for identifying an authenticated manager using the web management console. The entropy in the session token comes solely from the system time when the real manager logs in with a granularity of one second. This can be exploited to impersonate a currently logged on manager by brute forcing the authentication token.
Successful exploitation further allows execution of arbitrary code via manipulation of the configuration.
英語版はパッチが出ているそうです。
Solution:
Apply patches.
Trend Micro OfficeScan 8.0 Service Pack 1:
http://www.trendmicro.com/ftp/product....0_SP1_Win_EN_CriticalPatch_B2402.exe
Trend Micro OfficeScan 8.0:
http://www.trendmicro.com/ftp/product...CE_8.0_Win_EN_CriticalPatch_B1351.exe
Trend Micro OfficeScan 8.0 Service Pack 1 Patch 1:
http://www.trendmicro.com/ftp/product...Patch1_Win_EN_CriticalPatch_B3037.exe
Worry-Free Business Security 5.0:
http://www.trendmicro.com/ftp/product...FBS_50_WIN_EN_CriticalPatch_B1404.exe