Content Scanning Bypass in Trend Micro InterScan VirusWall HTTP Proxy
CVE-2002-0440

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Interscan Viruswall
Vendor: CVE Published:; 26 July 2002

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2002-0440?

The Trend Micro InterScan VirusWall HTTP proxy 3.6 has a known issue that allows malicious web servers to bypass content scanning. This vulnerability exploits the configuration option 'Skip scanning if Content-length equals 0'. When this option is enabled, attackers can craft HTTP requests with a Content-length header set to 0, which some HTTP clients may disregard, allowing potentially harmful content to bypass security measures. It is crucial for users of this product to disable this option and review their settings to prevent exploitation.

References

http://www.inside-security.de/vwall_cl0.html

x_refsource_MISC

http://seclists.org/lists/bugtraq/2002/Mar/0162.html

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/8425.php

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2002
Vulnerability Reserved
Jun 7, 2002