APP: Trend Micro Control Manager 'CmdProcessor.exe' Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Trend Micro Control Manager. A successful attack can lead to arbitrary code execution.
Extended Description
Trend Micro Control Manager is prone to a remote code-execution vulnerability. An attacker can exploit this vulnerability to execute arbitrary code in the context of the SYSTEM user. Failed attacks will cause denial-of-service conditions. Trend Micro Control Manager 5.0 and 5.5 are vulnerable; other versions may also be affected.
Affected Products
Trend_micro control_manager
References
BugTraq: 50965
CVE: CVE-2011-5001
URL: http://downloadcenter.trendmicro.com/index.php?prodid=7 http://us.trendmicro.com/us/products/enterprise/control-manager/ http://www.trendmicro.com/ftp/documentation/readme/readme_critical_patch_tmcm55_1613.txt http://www.zerodayinitiative.com/advisories/zdi-11-345/
Short Name
APP:TMIC:CONTROL-MANAGER-CMD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
'CmdProcessor.exe' CVE-2011-5001 Code Control Execution Manager Micro Remote Trend bid:50965
Release Date
03/19/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/20101,20102
False Positive
Unknown
Vendors
Trend_micro
CVSS Score
10.0