Trend Micro OfficeScan Client Denial Of Service Vulnerability Network Vulnerability

Summary

This host is installed with Trend Micro OfficeScan Client and is prone to Denial of Service Vulnerability.

Impact

Successful exploitation will let the attacker terminate 'NTRtScan.exe' process and temporarily disable the real time scanning protection for the system by crafting a directory. Impact Level: System/Application

Solution

Upgrade to Trend Micro OfficeScan 10 or later, For updates refer to http://www.trendmicro.com/download/engine.asp

Insight

This flaw is due to an error while scanning directories as it fails to handle nested directories with excessively long names.

Affected

Trend Micro OfficeScan 8.0 Service Pack 1

References

http://osvdb.org/53890
http://secunia.com/advisories/34737
http://www.securityfocus.com/archive/1/archive/1/502847/100/0/threaded
http://www.vupen.com/english/advisories/2009/1146

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1435

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Wireshark SMB dissector Denial of Service Vulnerability (Windows)
Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Windows)
Microsoft IIS FTP Server 'ls' Command DOS Vulnerability
ZNC NULL Pointer Dereference Denial Of Service Vulnerability
Hummingbird Connectivity FTP service XCWD Overflow

Take action and discover your vulnerabilities