Bugtraq mailing list archives
RE: TrendMicro Interscan VirusWall security problem
From: "Pedro Quintanilha" <PQuintanilha () abril com br>
Date: Mon, 27 May 2002 11:09:20 -0300
Trend´s support (US and Brazil) confirm tha it just occurs in W32... I´ve not tested it on UX. Pedro Quintanilha Segurança da Informação Editora Abril s/a pquintanilha () abril com br +55-11-3037-4297 -----Original Message----- From: Patrick Morris [mailto:pmorris () wilshire com] Sent: Saturday, May 25, 2002 3:36 PM To: Pedro Quintanilha Cc: bugtraq () securityfocus com Subject: Re: TrendMicro Interscan VirusWall security problem This occurs on Unix installations as well. Depending what you need to know the original sender's IP for, there are several ways to work around it. On Fri, 24 May 2002, Pedro Quintanilha wrote:
In the most instalations Interscan listens on port 25 (SMTP), receives the message, scan it, and then re-send it to the "real" SMTP daemon (listening on another port), preserving the SMTP-header present in the message. But, since it doesn´t includes a new line on SMTP-header with the sender´s IP, and doesn´t write any extra log including it (it just logs virus occurrences), the final message header will not contain the real sender´s IP!!
Current thread:
- TrendMicro Interscan VirusWall security problem Pedro Quintanilha (May 25)
- <Possible follow-ups>
- RE: TrendMicro Interscan VirusWall security problem Pedro Quintanilha (May 27)