Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1341

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1341
Last Modified 05 Sep 2008 12:00:00
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1341

Summary

The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.

Vulnerable Systems

Application

  • Trend Micro Officescan 3.0

  • Trend Micro Officescan 3.1.1

  • Trend Micro Officescan 3.11

  • Trend Micro Officescan 3.13

  • Trend Micro Officescan 3.5

  • Trend Micro Officescan 3.54

  • Trend Micro Virus Buster 3.52

  • Trend Micro Virus Buster 3.53

  • Trend Micro Virus Buster 3.54


References

BID - 6616

XF - officescan-cgichkmasterpwd-auth-bypass(11059)

OSVDB - 6181

SECUNIA - 7881

CONFIRM - http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353

VULNWATCH - 20030114 Assorted Trend Vulns Rev 2.0


Last Updated: 27 May 2016 10:38:20