Bugtraq mailing list archives
Re: Patch for InterScan VirusWall for Unix now available
From: unicorn () BLACKHATS ORG (The Unicorn)
Date: Fri, 26 Feb 1999 23:21:49 +0100
On Thu, Feb 25, 1999 at 12:28:46PM -0800, Bob Li wrote:
We have been recently notified about a potential security hole in our InterScan Web VirusWall for Solaris product via the "BlackHats Security Advisory". The potential problem described relates to being able to download binaries and virus infected files by using HTTP proxy "keep-alive" connections. We have looked into the description of the problem and have identified that there was a problem with the software. As a result, we are issuing a patch which can be obtained from Trend Micro at http:://www.antivirus.com to resolve the problem.
We have received an early release of this fix and tested it in our configuration after which we were unable to use our exploit as described in our earlier advisory. The fix disables HTTP proxy "keep-alive" messages, thus ensuring that only the data of the first GET command in the message is returned.
This issue applies to InterScan for Solaris and HP-UX. The Windows NT version of InterScan does not have this problem. Bob Li Product Manager Trend Micro, Inc. E-Mail: bob_li () trendmicro com Phone: 408-863-6341
---end quoted text--- Ciao, Unicorn. -- ======= _ __,;;;/ TimeWaster ================================================ ,;( )_, )~\| A Truly Wise Man Never Plays ;; // `--; Leapfrog With A Unicorn... ==='= ;\ = | ==== Youth is Not a Time in Life, It is a State of Mind! =======
Current thread:
- Patch for InterScan VirusWall for Unix now available Bob Li (Feb 25)
- Re: Patch for InterScan VirusWall for Unix now available The Unicorn (Feb 26)