Sign-up

ID

VAR-201106-0311


TITLE

Trend Micro Data Loss Prevention Directory Traversal Vulnerability

Trust: 1.1

sources: IVD: c413b204-1f92-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2240 // BID: 48225

DESCRIPTION

Trend Micro Data Loss Prevention is a data leakage management system released by Trend Micro. Trend Micro Data Loss Prevention incorrectly filters the user-submitted encoded directory traversal sequence characters. An attacker can submit a malicious request to bypass the WEB ROOT limit and view the system file contents with WEB permissions. A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to gain access to arbitrary files on the targeted system. This may result in the disclosure of sensitive information or lead to a complete compromise of the affected computer. ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Trend Micro Data Loss Prevention Management Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44916 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44916/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44916 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/44916/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44916/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44916 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Trend Micro Data Loss Prevention Management Server, which can be exploited by malicious people to disclose sensitive information. Input appended to the URL after /dsc is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is reported in version 5.5. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Luis Martinez and Sergio Lopez, White Hat Consultores ORIGINAL ADVISORY: White Hat Consultores: http://www.exploit-db.com/exploits/17388/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.08

sources: CNVD: CNVD-2011-2240 // BID: 48225 // IVD: c413b204-1f92-11e6-abef-000c29c66e3d // PACKETSTORM: 102637

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: c413b204-1f92-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2240

AFFECTED PRODUCTS

vendor:trend micromodel:data loss preventionscope:eqversion:5.5

Trust: 1.1

sources: IVD: c413b204-1f92-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2240 // BID: 48225

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: c413b204-1f92-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: c413b204-1f92-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

sources: IVD: c413b204-1f92-11e6-abef-000c29c66e3d

THREAT TYPE

network

Trust: 0.3

sources: BID: 48225

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 48225

EXTERNAL IDS

db:BIDid:48225

Trust: 0.9

db:CNVDid:CNVD-2011-2240

Trust: 0.8

db:EXPLOIT-DBid:17388

Trust: 0.7

db:IVDid:C413B204-1F92-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:SECUNIAid:44916

Trust: 0.2

db:PACKETSTORMid:102637

Trust: 0.1

sources: IVD: c413b204-1f92-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-2240 // BID: 48225 // PACKETSTORM: 102637

REFERENCES

url:http://www.exploit-db.com/sploits/17388.pdf

Trust: 0.6

url:http://us.trendmicro.com/us/products/enterprise/data-loss-prevention/index.html

Trust: 0.3

url:http://secunia.com/products/corporate/vim/fs_request_2011/

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=44916

Trust: 0.1

url:http://www.exploit-db.com/exploits/17388/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/44916/

Trust: 0.1

url:http://secunia.com/advisories/44916/#comments

Trust: 0.1

sources: CNVD: CNVD-2011-2240 // BID: 48225 // PACKETSTORM: 102637

CREDITS

Luis Martinez, Sergio Lopez,White Hat Consultores

Trust: 0.3

sources: BID: 48225

SOURCES

db:IVDid:c413b204-1f92-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-2240
db:BIDid:48225
db:PACKETSTORMid:102637

LAST UPDATE DATE

2022-05-17T22:40:14.920000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-2240date:2011-06-11T00:00:00
db:BIDid:48225date:2011-06-11T00:00:00

SOURCES RELEASE DATE

db:IVDid:c413b204-1f92-11e6-abef-000c29c66e3ddate:2011-06-11T00:00:00
db:CNVDid:CNVD-2011-2240date:2011-06-11T00:00:00
db:BIDid:48225date:2011-06-11T00:00:00
db:PACKETSTORMid:102637date:2011-06-28T05:58:10