Trend Micro OfficeScan Client Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with Trend Micro OfficeScan Client and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation will let the attacker terminate 'NTRtScan.exe' process and temporarily disable the real time scanning protection for the system by crafting a directory. Impact Level: System/Application

Solution

Upgrade to Trend Micro OfficeScan 10 or later, For updates refer to http://www.trendmicro.com/download/engine.asp

Insight

This flaw is due to an error while scanning directories as it fails to handle nested directories with excessively long names.

Affected

Trend Micro OfficeScan 8.0 Service Pack 1

References

http://osvdb.org/53890
http://secunia.com/advisories/34737
http://www.securityfocus.com/archive/1/archive/1/502847/100/0/threaded
http://www.vupen.com/english/advisories/2009/1146

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1435

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Windows)
osTicket Support Address DoS
Wireshark IEEE 802.11 Dissector Denial of Service Vulnerability (Mac OS X)
Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability (Win)
Oracle VM VirtualBox Local Denial of Service Vulnerability-01 Oct2013 (Linux)

Take action and discover your vulnerabilities