Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0679 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Micro Interscan Viruswall

5 documents4 sources

Severity

10.0CRITICALNVD

EPSS

11.1%

top 6.52%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Trend Micro Interscan Viruswall

Timeline

PublishedNov 8

Latest updateApr 30

Description

A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDtrend_micro/interscan_viruswall3.23, 3.3+1

🔴Vulnerability Details

GHSA

GHSA-2wgc-2cv4-ww9r: A buffer overflow in InterScan VirusWall 3↗2022-04-30

▶

CVEList

CVE-2001-0679: A buffer overflow in InterScan VirusWall 3↗2001-09-12

▶

💥Exploits & PoCs

Exploit-DB

Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Remote Buffer Overflow (2)↗1999-11-07

▶

Exploit-DB

Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Remote Buffer Overflow (1)↗1999-11-07

▶