[9799] in bugtraq
Re: Patch for InterScan VirusWall for Unix now available
daemon@ATHENA.MIT.EDU (The Unicorn)
Sat Feb 27 02:11:53 1999
Mail-Followup-To: Bob Li <Bob_Li@TRENDMICRO.COM>, BUGTRAQ@netspace.org
Date: Fri, 26 Feb 1999 23:21:49 +0100
Reply-To: The Unicorn <unicorn@BLACKHATS.ORG>
From: The Unicorn <unicorn@BLACKHATS.ORG>
X-To: Bob Li <Bob_Li@TRENDMICRO.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <D129BBE1730AD2118A0300805FC1C2FE01394438@node2-10.trendmicro.com>; from Bob Li on Thu, Feb 25,
1999 at 12:28:46PM -0800
On Thu, Feb 25, 1999 at 12:28:46PM -0800, Bob Li wrote:
> We have been recently notified about a potential security hole in our
> InterScan Web VirusWall for Solaris product via the "BlackHats
> Security Advisory". The potential problem described relates to being
> able to download binaries and virus infected files by using HTTP proxy
> "keep-alive" connections.
>
> We have looked into the description of the problem and have identified
> that there was a problem with the software. As a result, we
> are issuing a patch which can be obtained from Trend Micro at
> http:://www.antivirus.com to resolve the problem.
We have received an early release of this fix and tested it in our
configuration after which we were unable to use our exploit as described
in our earlier advisory. The fix disables HTTP proxy "keep-alive"
messages, thus ensuring that only the data of the first GET command in
the message is returned.
> This issue applies to InterScan for Solaris and HP-UX. The Windows NT
> version of InterScan does not have this problem.
>
> Bob Li
> Product Manager
> Trend Micro, Inc.
> E-Mail: bob_li@trendmicro.com
> Phone: 408-863-6341
---end quoted text---
Ciao,
Unicorn.
--
======= _ __,;;;/ TimeWaster ================================================
,;( )_, )~\| A Truly Wise Man Never Plays
;; // `--; Leapfrog With A Unicorn...
==='= ;\ = | ==== Youth is Not a Time in Life, It is a State of Mind! =======
