Vulnerability Name: | CVE-2006-0642 (CCN-24658)
Assigned: | 2006-02-06
Published: | 2006-02-06
Updated: | 2018-10-19
Summary: | Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. Note: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
4.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:UR)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:H/RL:U/RC:UR)
Vulnerability Type: | CWE-Other
Vulnerability Consequences: | Bypass Security
References: |
Source: CCN Type: BugTraq Mailing List, Mon Feb 06 2006 - 01:12:26 CST Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
Source: MITRE Type: CNA CVE-2006-0642
Source: CCN Type: OSVDB ID: 22950 Multiple AntiVirus Archive File Count Scanner Bypass
Source: MISC Type: Vendor Advisory http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf
Source: MISC Type: Vendor Advisory http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html
Source: BUGTRAQ Type: UNKNOWN 20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
Source: BUGTRAQ Type: UNKNOWN 20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
Source: BUGTRAQ Type: UNKNOWN 20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
Source: BUGTRAQ Type: UNKNOWN 20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
Source: BUGTRAQ Type: UNKNOWN 20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.
Source: BID Type: UNKNOWN 16483
Source: CCN Type: BID-16483 Trend Micro ServerProtect Extracted File Count Exceed Scan Bypass Weakness
Source: CCN Type: Trend Micro Web site ServerProtect for Microsoft Windows/Novell NetWare
Source: XF Type: UNKNOWN serverprotect-file-scanning-bypass(24658)
Source: XF Type: UNKNOWN serverprotect-file-scanning-bypass(24658)
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: