CVE-2008-2433 (OfficeScan, worry_free_business_security, client_server_messaging_suit - HeapOverflow Computer Security Community & Forums : Heap Overflow.com

HeapOverflow Computer Security Community & Forums : Heap Overflow.com

		HeapOverflow Computer Security Community & Forums : Heap Overflow.com > Computer Security: Discussions > Advisories
CVE-2008-2433 (OfficeScan, worry_free_business_security, client_server_messaging_suit

Mark Forums Read

Notices

Welcome to you visitor! This community is mainly dedicated to the computer and security, if you're looking for DFind scanner or others exploits codes you will find them into the Projects section, feel free to start Blogging and remember to always keep an eye and start talking about security Advisories & public Exploits.

Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts

CVE-2008-2433 (OfficeScan, worry_free_business_security, client_server_messaging_suit

This is a discussion on "CVE-2008-2433 (OfficeScan, worry_free_business_security, client_server_messaging_suit" within the Advisories part of the Computer Security: Discussions section; The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, ...

Reply

#1 (permalink)

Old

28-08-08

Heap is offline

Reporter

Join Date: Oct 2007

Posts: 12,469

Thanks: 0

Thanked 4 Times in 4 Posts

Rep Power: 2496

Heap is on a distinguished road

nvd

CVE-2008-2433 (OfficeScan, worry_free_business_security, client_server_messaging_suit

The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5 and 3.6 creates a random session token based only on the login time, which makes it easier for remote attackers to hijack sessions via brute-force attacks. NOTE: this can be leveraged for code execution through an unspecified "manipulation of the configuration."

More...

Reply With Quote

Sponsor

Advertiser

Reply

« CVE-2007-1682 (xfile) | CVE-2008-3736 (la_cooda_wiz, lacoodast) »

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
CVE-2008-3866 (internet_security_2007, internet_security_2008, officescan)	Heap	Advisories	0	23-01-09 02:42
CVE-2008-3865 (internet_security_2007, internet_security_2008, officescan)	Heap	Advisories	0	23-01-09 02:42
CVE-2008-3864 (internet_security_2007, internet_security_2008, officescan)	Heap	Advisories	0	23-01-09 02:42
CVE-2008-2439 (officescan, worry_free_business_security)	Heap	Advisories	0	04-10-08 02:40
CVE-2008-2437 (client-server-messaging_security, officescan)	Heap	Advisories	0	18-09-08 02:47

heapoverflow.com - SEOmeter SEO tools

Locations of visitors to this page

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37