InterScan VirusWall Long HELO Buffer Overflow Vulnerability

Solution:
Trend Micro has issued a patch for this vulnerability. It is available at:
http://download.antivirus.com/ftp/products/patches/isvw331_patch.zip
While it addresses the original issue, it will still allow remote DoS attackes via a 4075-4090 character HELO argument. Trend Micro has released a beta of version 3.4 available at:
http://www.antivirus.com/download/beta_programs/

Customers who do not want to run beta software are advised to contact their Trend Micro support representative for a downgrade to a non-vulnerable previous version.



 

Privacy Statement
Copyright 2010, SecurityFocus