Vulnerabilities > CVE-2002-0440 - Unspecified vulnerability in Trend Micro Interscan Viruswall 3.51/3.6
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN trend-micro
exploit available
Summary
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Trend Micro InterScan VirusWall 3.5/3.6 Content-Length Scan Bypass Vulnerability. CVE-2002-0440 . Remote exploits for multiple platform |
| id | EDB-ID:21339 |
| last seen | 2016-02-02 |
| modified | 2002-03-11 |
| published | 2002-03-11 |
| reporter | Jochen Thomas Bauer |
| source | https://www.exploit-db.com/download/21339/ |
| title | Trend Micro InterScan VirusWall 3.5/3.6 Content-Length Scan Bypass Vulnerability |
References
- http://seclists.org/lists/bugtraq/2002/Mar/0162.html
- http://seclists.org/lists/bugtraq/2002/Mar/0162.html
- http://www.inside-security.de/vwall_cl0.html
- http://www.inside-security.de/vwall_cl0.html
- http://www.iss.net/security_center/static/8425.php
- http://www.iss.net/security_center/static/8425.php
- http://www.securityfocus.com/bid/4265
- http://www.securityfocus.com/bid/4265