Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0440

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0440
Last Modified 10 Sep 2008 03:12:04
Published 26 Jul 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0440

Summary

Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.

Vulnerable Systems

Application

  • Trend Micro Interscan Viruswall 3.51

  • Trend Micro Interscan Viruswall 3.6


References

BID - 4265

XF - interscan-viruswall-http-proxy-bypass(8425)

MISC - http://www.inside-security.de/vwall_cl0.html

BUGTRAQ - 20020311 VirusWall HTTP proxy content scanning circumvention


Last Updated: 27 May 2016 10:36:54