Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011
BID: 50380
OSVDB: 76637

Background

Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway.

Problem

Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability. The binary "patchCmd" has sticky permissions for the "setuid" and "setgid" with the user root. The code performs a setuid(0) before a system() by that the execution will take root permissions regardless of user permissions. Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affected computer.

Resolution

No updates which address this vulnerability are available at this time.

References

http://buguroo.com/adv/BSA-2011-002.txt
http://seclists.org/fulldisclosure/2011/Oct/871
http://us.trendmicro.com/us/products/enterprise/interscan-web-security-suite/

Limitations

This exploit has been tested against Trend Micro InterScan Web Security Suite 3.1 on Fedora 13 Linux.

Platforms

Linux
SunOS / Solaris

Back to exploit index