Configuration Flaw in Trend Micro ServerProtect and InterScan Products
CVE-2006-0642

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Interscan Web Security Suite; Interscan Messaging Security Suite; Serverprotect
Vendor: CVE Published:; 10 February 2006

Summary

A misconfiguration in Trend Micro ServerProtect 5.58 and other InterScan products allows remote attackers to exploit the default setting of not scanning compressed files when the count exceeds 500. This could facilitate the circumvention of malware detection through specially crafted compressed files containing numerous small files, potentially impacting security in diverse operational environments.

References

http://www.packetstormsecurity.org/0602-advisories/Bypass...

x_refsource_MISC

http://www.securityfocus.com/archive/1/424598/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/423896/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Feb 10, 2006
Vulnerability Reserved
Feb 10, 2006